Vulnerability Details CVE-2021-36538
Cross Site Scripting (XSS) vulnerability in Gurock TestRail before 7.1.2 allows remote authenticated attackers to run arbitrary code via the reference field in milestones or description fields in reports.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.0%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2021-36538
- cpe:2.3:a:gurock:testrail:1.0
- cpe:2.3:a:gurock:testrail:1.0.2
- cpe:2.3:a:gurock:testrail:1.0.3
- cpe:2.3:a:gurock:testrail:1.0.4
- cpe:2.3:a:gurock:testrail:1.1
- cpe:2.3:a:gurock:testrail:1.2
- cpe:2.3:a:gurock:testrail:1.3
- cpe:2.3:a:gurock:testrail:1.3.1
- cpe:2.3:a:gurock:testrail:2.0
- cpe:2.3:a:gurock:testrail:2.0.1
- cpe:2.3:a:gurock:testrail:2.1
- cpe:2.3:a:gurock:testrail:2.1.0.352
- cpe:2.3:a:gurock:testrail:2.2
- cpe:2.3:a:gurock:testrail:2.3
- cpe:2.3:a:gurock:testrail:2.3.1
- cpe:2.3:a:gurock:testrail:2.3.2
- cpe:2.3:a:gurock:testrail:2.4
- cpe:2.3:a:gurock:testrail:2.4.1
- cpe:2.3:a:gurock:testrail:2.5
- cpe:2.3:a:gurock:testrail:2.5.1
- cpe:2.3:a:gurock:testrail:2.6
- cpe:2.3:a:gurock:testrail:2.7
- cpe:2.3:a:gurock:testrail:2.7.1
- cpe:2.3:a:gurock:testrail:3.0
- cpe:2.3:a:gurock:testrail:3.0.1
- cpe:2.3:a:gurock:testrail:3.0.2
- cpe:2.3:a:gurock:testrail:3.0.3
- cpe:2.3:a:gurock:testrail:3.0.4
- cpe:2.3:a:gurock:testrail:3.1
- cpe:2.3:a:gurock:testrail:3.1.1
- cpe:2.3:a:gurock:testrail:3.1.1.3130
- cpe:2.3:a:gurock:testrail:3.1.2
- cpe:2.3:a:gurock:testrail:3.1.3
- cpe:2.3:a:gurock:testrail:4.0.1
- cpe:2.3:a:gurock:testrail:4.0.2
- cpe:2.3:a:gurock:testrail:4.0.3
- cpe:2.3:a:gurock:testrail:4.0.4
- cpe:2.3:a:gurock:testrail:4.1
- cpe:2.3:a:gurock:testrail:4.2
- cpe:2.3:a:gurock:testrail:4.2.1
- cpe:2.3:a:gurock:testrail:5.0
- cpe:2.3:a:gurock:testrail:5.0.1
- cpe:2.3:a:gurock:testrail:5.0.2
- cpe:2.3:a:gurock:testrail:5.1
- cpe:2.3:a:gurock:testrail:5.2
- cpe:2.3:a:gurock:testrail:5.2.1
- cpe:2.3:a:gurock:testrail:5.3
- cpe:2.3:a:gurock:testrail:5.3.0.3603
- cpe:2.3:a:gurock:testrail:5.4
- cpe:2.3:a:gurock:testrail:5.4.1
- cpe:2.3:a:gurock:testrail:5.5
- cpe:2.3:a:gurock:testrail:5.5.1
- cpe:2.3:a:gurock:testrail:5.6.0.3853
- cpe:2.3:a:gurock:testrail:5.6.0.3856
- cpe:2.3:a:gurock:testrail:5.6.0.3861
- cpe:2.3:a:gurock:testrail:6.2
- cpe:2.3:a:gurock:testrail:6.3.1
- cpe:2.3:a:gurock:testrail:6.4.0
- cpe:2.3:a:gurock:testrail:6.5.3
- cpe:2.3:a:gurock:testrail:6.5.4
- cpe:2.3:a:gurock:testrail:6.5.5
- cpe:2.3:a:gurock:testrail:6.5.6
- cpe:2.3:a:gurock:testrail:6.5.7
- cpe:2.3:a:gurock:testrail:6.6
- cpe:2.3:a:gurock:testrail:6.6.1
- cpe:2.3:a:gurock:testrail:6.7
- cpe:2.3:a:gurock:testrail:6.7.1
- cpe:2.3:a:gurock:testrail:6.7.1.1020
- cpe:2.3:a:gurock:testrail:6.7.2
- cpe:2.3:a:gurock:testrail:7.0
- cpe:2.3:a:gurock:testrail:7.0.0.1052
- cpe:2.3:a:gurock:testrail:7.0.1
- cpe:2.3:a:gurock:testrail:7.0.1.1013
- cpe:2.3:a:gurock:testrail:7.0.2
- cpe:2.3:a:gurock:testrail:7.0.2.1015
- cpe:2.3:a:gurock:testrail:7.0.2.1016
- cpe:2.3:a:gurock:testrail:7.1
- cpe:2.3:a:gurock:testrail:7.1.0.1068
- cpe:2.3:a:gurock:testrail:7.1.0.1070
- cpe:2.3:a:gurock:testrail:7.1.1
- cpe:2.3:a:gurock:testrail:7.1.1.1033