Lucene search
Redhat.comRH:CVE-2021-3914HistoryFeb 21, 2022 - 9:32 a.m.
CVE-2021-3914
2022-02-2109:32:42
redhat.com
access.redhat.com
23
smallrye health metrics
input sanitization
cross-site scripting
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
33.5%
It was found that the smallrye health metrics UI component did not properly sanitize some user inputs. An attacker could use this flaw to conduct cross-site scripting attacks.
Related
github
github
SmallRye Health UI Cross-site Scripting vulnerability
2022-08-26 00:03:29
nvd
nvd
CVE-2021-3914
2022-08-25 20:15:09
osv
osv
SmallRye Health UI Cross-site Scripting vulnerability
2022-08-26 00:03:29
cve
cve
CVE-2021-3914
2022-08-25 20:15:09
cvelist
cvelist
CVE-2021-3914
2022-08-25 19:36:49
prion
prion
Cross site scripting
2022-08-25 20:15:00
redhat
redhat
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
33.5%
Related for RH:CVE-2021-3914