CVE-2021-44310

EUVD-2021-31153
An issue was discovered in Firmware Analysis and Comparison Tool v3.2. With administrator privileges, the attacker could perform stored XSS attacks by inserting JavaScript and HTML code in user creation functionality.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.8 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
Affected Products (NVD)
VendorProductVersion
firmware_analysis_and_comparison_tool_projectfirmware_analysis_and_comparison_tool
3.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://brainy-sternum-995.notion.site/CVE-2021-44310-Reserved-e9efc897f9944464b8807d44c6fc21df
https://brainy-sternum-995.notion.site/CVE-2021-44310-Reserved-e9efc897f9944464b8807d44c6fc21df