CVE-2021-22523

EUVD-2021-9665
XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.6 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
Affected Products (NVD)
VendorProductVersion
microfocusverastream_host_integrator
𝑥
< 7.8
microfocusverastream_host_integrator
7.8
microfocusverastream_host_integrator
7.8:update_1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.microfocus.com/kb/doc.php?id=7025169
https://support.microfocus.com/kb/doc.php?id=7025169