First published: Tue Sep 07 2021(Updated: )
Deskpro cloud and on-premise Deskpro 2021.1.6 and fixed in Deskpro 2021.1.7 contains a cross-site scripting (XSS) vulnerability in social media links on a user profile due to lack of input validation.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Deskpro Deskpro | =2021.1.6 | |
Deskpro Deskpro | =2021.1.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-36696 is medium with a severity value of 5.4.
CVE-2021-36696 affects Deskpro cloud and on-premise Deskpro 2021.1.6 versions.
CVE-2021-36696 is a cross-site scripting (XSS) vulnerability in social media links on a user profile due to lack of input validation.
To fix CVE-2021-36696, upgrade to Deskpro 2021.1.7 version.
You can find more information about CVE-2021-36696 at the following link: [https://www.r29k.com/articles/bb/stored-xss-in-deskpro#anchor2](https://www.r29k.com/articles/bb/stored-xss-in-deskpro#anchor2)