CVE-2021-30056
Published
CVSS v3
5.4
MEDIUM
CVSS v2
3.5
LOW
Affected
1
PROJECT
Description
Knowage Suite before 7.4 is vulnerable to reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in /restful-services/publish via the 'EXEC_FROM' parameter that can lead to data leakage.
As a result of researching bugs, I often come across new and interesting vulnerabilities. I finally decided to create a centralized repository for proof of concepts. Everything is sorted by vendor with subdirectories for each product.
GitHub