CVE-2021-38087: XSS
First published: Thu Aug 12 2021(Updated: )
Reflected cross-site scripting (XSS) was possible on the login page in Acronis Cyber Protect 15 prior to build 27009.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Acronis Cyber Protect | <15 | |
| Acronis Cyber Protect | =15 | |
| Acronis Cyber Protect | =15-update1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-38087.
What is the severity level of CVE-2021-38087?
CVE-2021-38087 has a severity level of medium (6.1).
How does the vulnerability impact Acronis Cyber Protect 15?
The reflected cross-site scripting (XSS) vulnerability in CVE-2021-38087 could allow attackers to execute malicious scripts on the login page of Acronis Cyber Protect 15 prior to build 27009.
Has Acronis provided a fix for CVE-2021-38087?
Yes, Acronis has provided a fix for CVE-2021-38087. It is recommended to update to build 27009 or later to resolve the vulnerability.
Where can I find more information about CVE-2021-38087?
More information about CVE-2021-38087 can be found at the Acronis Knowledge Base article: https://kb.acronis.com/content/68564
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/tags
- agent/event
- vendor/acronis
- canonical/acronis cyber protect
- version/acronis cyber protect/15
- version/acronis cyber protect/15-update1