SAS Environment Manager 2.5 allows XSS through the Name field when creating/editing a server. The XSS will prompt when editing the Configuration Properties.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/163294/SAS-Environment-Manager-2.5-Cross-Site-Scripting.html | Broken Link |
https://github.com/saitamang/CVE-2021-35475/blob/main/README.md | Broken Link |
https://support.sas.com | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-06-25T10:01:35
Updated: 2021-06-28T18:06:11
Reserved: 2021-06-24T00:00:00
Link: CVE-2021-35475
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-25T11:15:07.587
Modified: 2021-07-01T16:02:54.013
Link: CVE-2021-35475
JSON object: View
Redhat Information
No data.
CWE