Security Advisory

CVE-2021-30058

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-05 10:45:40
Last updated 2024-08-03 22:24:59
Assigner mitre
State PUBLISHED

Description

Knowage Suite before 7.4 is vulnerable to cross-site scripting (XSS). An attacker can inject arbitrary external script in /knowagecockpitengine/api/1.0/pages/execute via the SBI_HOST parameter.