Vulnerability Details CVE-2021-25656
Stored XSS injection vulnerabilities were discovered in the Avaya Aura Experience Portal Web management which could allow an authenticated user to potentially disclose sensitive information. Affected versions include 7.0 through 7.2.3 (without hotfix) and 8.0.0 (without hotfix).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.3%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 3.5
References
Products affected by CVE-2021-25656
-
cpe:2.3:a:avaya:aura_experience_portal:7.1
-
cpe:2.3:a:avaya:aura_experience_portal:8.0.0