CVE-2021-31589 – BeyondTrust Remote Support 6.0 Cross Site Scripting

https://notcve.org/view.php?id=CVE-2021-31589

A cross-site scripting (XSS) vulnerability has been reported and confirmed for BeyondTrust Secure Remote Access Base Software version 6.0.1 and older, which allows the injection of unauthenticated, specially-crafted web requests without proper sanitization. Se ha notificado y confirmado una vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) para la versión 6.0.1 y anteriores del software de base de acceso remoto seguro de BeyondTrust, que permite la inyección de solicitudes web no autenticadas y especialmente diseñadas sin el saneamiento adecuado BeyondTrust Remote Support versions 6.0 and below suffer from a cross site scripting vulnerability. • https://github.com/karthi-the-hacker/CVE-2021-31589 http://packetstormsecurity.com/files/165408/BeyondTrust-Remote-Support-6.0-Cross-Site-Scripting.html https://cxsecurity.com/issue/WLB-2022010013 https://www.beyondtrust.com/docs/release-notes/index.htm • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •