What is the CVSS score of CVE-2021-47858?

CVE-2021-47858 has a CVSS 3.1 base score of 7.2 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N. EPSS exploitation probability: 0.0%.

Which versions of Genexis Platinum-4410 P4410-V2-1.31A are affected by CVE-2021-47858?

Organizations using Genexis Platinum-4410 P4410-V2-1.31A face moderate risk from CVE-2021-47858, a cross-site scripting vulnerability rated CVSS 7.2.

Is there a public PoC exploit available for CVE-2021-47858?

Yes, a public proof-of-concept exploit is available for CVE-2021-47858. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2021-47858?

Within 7 days: Identify all affected systems and apply vendor patches promptly. Verify anti-CSRF tokens and content security policies are enforced.

Genexis Platinum-4410 P4410-V2-1.31A CVE-2021-47858

HIGH

Cross-site Scripting (XSS) (CWE-79)

2026-01-21 disclosure@vulncheck.com

XSS

7.2

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

7.2 HIGH

AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Jan 26, 2026 - 15:04 vuln.today

Public exploit code

CVE Published

Jan 21, 2026 - 18:16 nvd

HIGH 7.2

DescriptionCVE.org

Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the 'start_addr' parameter of the Security Management interface. Attackers can inject malicious scripts through the start source address field that will persist and trigger for privileged users when they access the security management page.

AnalysisAI

Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the 'start_addr' parameter of the Security Management interface. [CVSS 7.2 HIGH]

Technical ContextAI

Classified as CWE-79 (Cross-site Scripting (XSS)). Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the 'start_addr' parameter of the Security Management interface. Attackers can inject malicious scripts through the start source address field that will persist and trigger for privileged users when they access the security management page.

Affected ProductsAI

Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the 'start_addr' parameter of the Security Management int

RemediationAI

Monitor vendor advisories for a patch. Implement output encoding and Content Security Policy headers. Restrict network access to the affected service where possible.

CVE-2021-47858 vulnerability details – vuln.today

Back

Genexis Platinum-4410 P4410-V2-1.31A CVE-2021-47858

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

Affected ProductsAI

RemediationAI

Share

External POC / Exploit Code