Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29713)

Description

IBM Jazz Team Server products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Remediation

References

Related Vulnerabilities

PHP CVE-2024-2757 Vulnerability (CVE-2024-2757)

WordPress Plugin Polls CP Multiple Vulnerabilities (1.0.8)

WordPress Plugin Filter Custom Fields & Taxonomies Light Unspecified Vulnerability (1.04)

Drupal Core 9.1.x Arbitrary File Overwrite (9.1.0 - 9.1.2)

WordPress Plugin WP Google Maps Unspecified Vulnerability (6.2.1)

Severity

Medium

Classification

CVE-2021-29713 CWE-707 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities