Security Advisory

CVE-2021-36387

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-14 18:01:38

Last updated 2024-08-04 00:54:51

Assigner mitre

State PUBLISHED

Description

In Yellowfin before 9.6.1 there is a Stored Cross-Site Scripting vulnerability in the video embed functionality exploitable through a specially crafted HTTP POST request to the page "ActivityStreamAjax.i4".

← Browse all CVEs View on cve.org ↗