Vulnerability Details CVE-2021-4269
A vulnerability has been found in SimpleRisk and classified as problematic. This vulnerability affects the function checkAndSetValidation of the file simplerisk/js/common.js. The manipulation of the argument title leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 20220306-001 is able to address this issue. The name of the patch is 591405b4ed160fbefc1dca1e55c5745079a7bb48. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216472.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.8%
CVSS Severity
CVSS v3 Score 3.5
References
- https://github.com/simplerisk/code/commit/591405b4ed160fbefc1dca1e55c5745079a7bb48
- https://github.com/simplerisk/code/releases/tag/20220306-001
- https://vuldb.com/?id.216472
- https://github.com/simplerisk/code/commit/591405b4ed160fbefc1dca1e55c5745079a7bb48
- https://github.com/simplerisk/code/releases/tag/20220306-001
- https://vuldb.com/?id.216472
Products affected by CVE-2021-4269
-
cpe:2.3:a:simplerisk:simplerisk:-
-
cpe:2.3:a:simplerisk:simplerisk:20130415-001
-
cpe:2.3:a:simplerisk:simplerisk:20130501-001
-
cpe:2.3:a:simplerisk:simplerisk:20130718-001
-
cpe:2.3:a:simplerisk:simplerisk:20130827-001
-
cpe:2.3:a:simplerisk:simplerisk:20130915-001
-
cpe:2.3:a:simplerisk:simplerisk:20130916-001
-
cpe:2.3:a:simplerisk:simplerisk:20130929-001
-
cpe:2.3:a:simplerisk:simplerisk:20131024-001
-
cpe:2.3:a:simplerisk:simplerisk:20131113-001
-
cpe:2.3:a:simplerisk:simplerisk:20131231-001
-
cpe:2.3:a:simplerisk:simplerisk:20140224-001
-
cpe:2.3:a:simplerisk:simplerisk:20140413-001
-
cpe:2.3:a:simplerisk:simplerisk:20140526-001
-
cpe:2.3:a:simplerisk:simplerisk:20140728-001
-
cpe:2.3:a:simplerisk:simplerisk:20141013-001
-
cpe:2.3:a:simplerisk:simplerisk:20141129-001
-
cpe:2.3:a:simplerisk:simplerisk:20141214-001
-
cpe:2.3:a:simplerisk:simplerisk:20150202-001
-
cpe:2.3:a:simplerisk:simplerisk:20150321-001
-
cpe:2.3:a:simplerisk:simplerisk:20150531-001
-
cpe:2.3:a:simplerisk:simplerisk:20150729-001
-
cpe:2.3:a:simplerisk:simplerisk:20150920-001
-
cpe:2.3:a:simplerisk:simplerisk:20150928-001
-
cpe:2.3:a:simplerisk:simplerisk:20150930-001
-
cpe:2.3:a:simplerisk:simplerisk:20151108-001
-
cpe:2.3:a:simplerisk:simplerisk:20151219-001
-
cpe:2.3:a:simplerisk:simplerisk:20160124-001
-
cpe:2.3:a:simplerisk:simplerisk:20160331-001
-
cpe:2.3:a:simplerisk:simplerisk:20160612-001
-
cpe:2.3:a:simplerisk:simplerisk:20161023-001
-
cpe:2.3:a:simplerisk:simplerisk:20161030-001
-
cpe:2.3:a:simplerisk:simplerisk:20161122-001
-
cpe:2.3:a:simplerisk:simplerisk:20170102-001
-
cpe:2.3:a:simplerisk:simplerisk:20170108-001
-
cpe:2.3:a:simplerisk:simplerisk:20170312-001
-
cpe:2.3:a:simplerisk:simplerisk:20170416-001
-
cpe:2.3:a:simplerisk:simplerisk:20170614-001
-
cpe:2.3:a:simplerisk:simplerisk:20170723-001
-
cpe:2.3:a:simplerisk:simplerisk:20170724-001
-
cpe:2.3:a:simplerisk:simplerisk:20180104-001
-
cpe:2.3:a:simplerisk:simplerisk:20180301-001
-
cpe:2.3:a:simplerisk:simplerisk:20180527-001
-
cpe:2.3:a:simplerisk:simplerisk:20180627-001
-
cpe:2.3:a:simplerisk:simplerisk:20180812-001
-
cpe:2.3:a:simplerisk:simplerisk:20180814-001
-
cpe:2.3:a:simplerisk:simplerisk:20180830-001
-
cpe:2.3:a:simplerisk:simplerisk:20180916-001
-
cpe:2.3:a:simplerisk:simplerisk:20181103-001
-
cpe:2.3:a:simplerisk:simplerisk:20190105-001
-
cpe:2.3:a:simplerisk:simplerisk:20190210-001
-
cpe:2.3:a:simplerisk:simplerisk:20190331-001
-
cpe:2.3:a:simplerisk:simplerisk:20190630-001
-
cpe:2.3:a:simplerisk:simplerisk:20190930-001
-
cpe:2.3:a:simplerisk:simplerisk:20191130-001
-
cpe:2.3:a:simplerisk:simplerisk:20200328-001
-
cpe:2.3:a:simplerisk:simplerisk:20200401-001
-
cpe:2.3:a:simplerisk:simplerisk:20200711-001
-
cpe:2.3:a:simplerisk:simplerisk:20201005-001
-
cpe:2.3:a:simplerisk:simplerisk:20201106-001
-
cpe:2.3:a:simplerisk:simplerisk:20201123-001
-
cpe:2.3:a:simplerisk:simplerisk:20210121-001
-
cpe:2.3:a:simplerisk:simplerisk:20210305-001
-
cpe:2.3:a:simplerisk:simplerisk:20210625-001
-
cpe:2.3:a:simplerisk:simplerisk:20210630-001
-
cpe:2.3:a:simplerisk:simplerisk:20210713-001