CVE-2021-3535

CVE-2021-3535

Rapid7 Nexpose is vulnerable to a non-persistent cross-site scripting vulnerability affecting the Security Console’s Filtered Asset Search feature. A specific search criterion and operator combination in Filtered Asset Search could have allowed a user to pass code through the provided search field. This issue affects version 6.6.80 and prior, and is fixed in 6.6.81. If your Security Console currently falls on or within this affected version range, ensure that you update your Security Console to the latest version.

Source: CVE-2021-3535

댓글 남기기

이메일은 공개되지 않습니다. 필수 입력창은 * 로 표시되어 있습니다

Time limit is exhausted. Please reload the CAPTCHA.