A stored cross site scripting have been identified at the comments in the report creation due to an obsolote version of tinymce editor. In order to exploit this vulnerability, the attackers needs an account with enough privileges to view and edit reports.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: INCIBE
Published: 2022-02-11T17:40:04.786449Z
Updated: 2024-09-16T16:38:39.868Z
Reserved: 2021-11-30T00:00:00
Link: CVE-2021-4035
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-02-11T18:15:10.787
Modified: 2024-11-21T06:36:46.190
Link: CVE-2021-4035
Redhat
No data.