CVE-2021-44310 Information

Description

An issue was discovered in Firmware Analysis and Comparison Tool v3.2. With administrator privileges the attacker could perform stored XSS attacks by inserting JavaScript and HTML code in user creation functionality.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Reference

https://brainy-sternum-995.notion.site/CVE-2021-44310-Reserved-e9efc897f9944464b8807d44c6fc21df

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

4.8