Security Advisory

CVE-2021-3693

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-08-23 12:41:57

Last updated 2024-08-03 17:01:07

Assigner @huntrdev

State PUBLISHED

Description

LedgerSMB does not check the origin of HTML fragments merged into the browsers DOM. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure.

← Browse all CVEs View on cve.org ↗