CVE-2021-21802: XSS
First published: Fri Jul 16 2021(Updated: )
This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.
Credit: talos-cna@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Advantech R-SeeNet | =2.4.12 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-21802?
CVE-2021-21802 is a vulnerability present in the Advantech R-SeeNet web application, specifically in the device_graph_page.php script.
How can an attacker exploit CVE-2021-21802?
An attacker can exploit CVE-2021-21802 by crafting a specially designed URL and tricking a victim into visiting it, which can lead to arbitrary execution of JavaScript code.
What is the severity of CVE-2021-21802?
The severity of CVE-2021-21802 is critical with a severity value of 6.1 (out of 10).
Which software version is affected by CVE-2021-21802?
The Advantech R-SeeNet version 2.4.12 is affected by CVE-2021-21802.
Is there a fix available for CVE-2021-21802?
At the moment, there is no known fix or patch available for CVE-2021-21802. It is recommended to follow the recommendations provided by the vendor or security advisories to mitigate the vulnerability.
- collector/nvd-index
- vendor/advantech
- canonical/advantech r-seenet
- version/advantech r-seenet/2.4.12