WEB APPLICATION VULNERABILITIES Standard & Premium

OpenVPN AS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3824)

Description

OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL.

Remediation

References

Related Vulnerabilities

WordPress Plugin EME Sync Facebook Events Unspecified Vulnerability (1.0.38)

WordPress Plugin Mang Board WP SQL Injection (1.9.9)

MyBB Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-2327)

Internet Information Services Other Vulnerability (CVE-2003-0224)

MySQL CVE-2015-4858 Vulnerability (CVE-2015-4858)

Severity

Medium

Classification

CVE-2021-3824 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities