CVE-2021-31521

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
5.4MEDIUM
EPSS
0.4%
top 39.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Trend Micro Trend Micro Interscan WEB Security Virtual ApplianceTrendmicro Interscan WEB Security Virtual Appliance
Timeline
PublishedJun 17
Latest updateMay 24

Description

Trend Micro InterScan Web Security Virtual Appliance version 6.5 was found to have a reflected cross-site scripting (XSS) vulnerability in the product's Captive Portal.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages2 packages

Patches

Patch: success.trendmicro.comPatch: success.trendmicro.com

🔴Vulnerability Details

2
GHSA
GHSA-2fwg-qc8c-frhr: Trend Micro InterScan Web Security Virtual Appliance version 62022-05-24
CVEList
CVE-2021-31521: Trend Micro InterScan Web Security Virtual Appliance version 62021-06-17
CVE-2021-31521 (MEDIUM CVSS 5.4) | Trend Micro InterScan Web Security | cvebase.io