A stored cross site scripting have been identified at the comments in the report creation due to an obsolote version of tinymce editor. In order to exploit this vulnerability, the attackers needs an account with enough privileges to view and edit reports.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: INCIBE
Published: 2022-02-07T00:00:00
Updated: 2023-11-22T10:24:03.682Z
Reserved: 2021-11-30T00:00:00
Link: CVE-2021-4035
JSON object: View
NVD Information
Status : Modified
Published: 2022-02-11T18:15:10.787
Modified: 2023-11-22T11:15:07.533
Link: CVE-2021-4035
JSON object: View
Redhat Information
No data.
CWE