CVE-2021-26702 Scanner
Detects 'Cross-Site Scripting (XSS)' vulnerability in EPrints affects v. 3.4.2.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Url
Toolbox
-
EPrints is a widely used open-source software designed for building and managing digital repositories. It was developed by the University of Southampton's School of Electronics and Computer Science to facilitate the creation of online archives, such as institutional repositories, journals, and data repositories. The software provides a robust platform for storing, organizing, and distributing digital content, including documents, images, videos, and audio recordings.
CVE-2021-26702 is a vulnerability that was discovered in EPrints 3.4.2. This vulnerability involves a reflected cross-site scripting (XSS) attack that can be exploited by an attacker to inject malicious code into a user's browser. This vulnerability occurs in the cgi/dataset_dictionary URI, specifically in the dataset parameter. This issue could allow an attacker to gain unauthorized access to sensitive information, including login credentials, personal data, and financial information.
When exploited, this vulnerability can have severe consequences for users and their digital assets. An attacker can use this vulnerability to steal sensitive information, including passwords, credit card information, and Social Security numbers, among others. They can then use this data to commit various forms of cybercrime, such as identity theft, financial fraud, and phishing attacks. Moreover, an attacker can use this vulnerability to spread malware and viruses, infecting other users' digital assets.
At securityforeveryone.com, we're committed to providing our clients with the latest information on digital vulnerabilities that can compromise their assets. With our pro features, users can quickly and efficiently identify and remediate vulnerabilities in their digital assets, protecting their data and privacy. Our platform provides a comprehensive suite of security tools and features, including vulnerability scans, penetration testing, and security assessments, to ensure that our clients are always up-to-date with the latest threats and risks. With securityforeveryone.com, you can rest assured that your digital assets are always secure.
REFERENCES
control security posture