SLICAN WebCTI 1.01 2015 is affected by a Cross Site Scripting (XSS) vulnerability. The attacker can steal the user's session by injecting malicious JavaScript codes which leads to Session Hijacking and cause user's credentials theft.
References
| Link | Resource |
|---|---|
| https://drive.google.com/file/d/1oKuzCZob9-LOAp-pdGN0MYYBx8y9FnHK/view?usp=sharing | Exploit Third Party Advisory |
| https://drive.google.com/file/d/1oKuzCZob9-LOAp-pdGN0MYYBx8y9FnHK/view?usp=sharing | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 06:33
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://drive.google.com/file/d/1oKuzCZob9-LOAp-pdGN0MYYBx8y9FnHK/view?usp=sharing - Exploit, Third Party Advisory |
12 Jan 2022, 14:19
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.1 |
| CPE | cpe:2.3:a:slican:webcti:1.01_2015:*:*:*:*:*:*:* | |
| CWE | CWE-79 | |
| References | (MISC) https://drive.google.com/file/d/1oKuzCZob9-LOAp-pdGN0MYYBx8y9FnHK/view?usp=sharing - Exploit, Third Party Advisory |
28 Dec 2021, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-12-28 15:15
Updated : 2024-11-21 06:33
NVD link : CVE-2021-45813
Mitre link : CVE-2021-45813
CVE.ORG link : CVE-2021-45813
JSON object : View
Products Affected
slican
- webcti
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')