Skip to main content

Report2Web

2 CVEs product

Monthly

CVE-2021-26711 MEDIUM POC This Month

A frame-injection issue in the online help in Redwood Report2Web 4.3.4.5 allows remote attackers to render an external resource inside a frame via the help/Online_Help/NetHelp/default.htm turl. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Report2Web
NVD
CVSS 3.1
5.3
EPSS
1.9%
CVE-2021-26710 MEDIUM POC This Month

A cross-site scripting (XSS) issue in the login panel in Redwood Report2Web 4.3.4.5 and 4.5.3 allows remote attackers to inject JavaScript via the signIn.do urll parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Report2Web
NVD
CVSS 3.1
6.1
EPSS
7.5%
EPSS 2% CVSS 5.3
MEDIUM POC This Month

A frame-injection issue in the online help in Redwood Report2Web 4.3.4.5 allows remote attackers to render an external resource inside a frame via the help/Online_Help/NetHelp/default.htm turl. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Report2Web
NVD
EPSS 8% CVSS 6.1
MEDIUM POC This Month

A cross-site scripting (XSS) issue in the login panel in Redwood Report2Web 4.3.4.5 and 4.5.3 allows remote attackers to inject JavaScript via the signIn.do urll parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Report2Web
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy