CVE-2021-43960

Severity Score

4.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title, Page Instructions, Text before, Text after, or Text on side box. Once this has been done, the administrator must click save and finally wait until any user of the application performs a booking for rental items in the booking area of the application, where the XSS triggers. NOTE: another perspective is that the administrator may require JavaScript to customize any aspect of the page rendering. There is no effective way for the product to defend users in the face of a malicious administrator

** EN DISPUTA ** Lorensbergs Connect2 versión 3.13.7647.20190 está afectado por una vulnerabilidad de tipo XSS. La explotación requiere privilegios de administrador y se lleva a cabo mediante el editor Wizard de la aplicación. El ataque requiere que un administrador entre en el editor del Wizard e introduzca una carga útil de tipo XSS dentro del título de la página, las instrucciones de la página, el texto anterior, el texto posterior o el texto lateral. Una vez hecho esto, el administrador debe hacer clic en guardar y finalmente esperar a que cualquier usuario de la aplicación lleve a cabo una reserva de artículos de alquiler en el área de reservas de la aplicación, donde es desencadenado el ataque de tipo XSS. NOTA: otra perspectiva es que el administrador puede requerir JavaScript para personalizar cualquier aspecto de la representación de la página. No se presenta ninguna forma efectiva de que el producto defienda a usuarios frente a un administrador malicioso

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

High

User Interaction

Required

Scope

Changed

Confidentiality

Low

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Medium

Authentication

Single

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-11-17 CVE Reserved
2022-01-12 CVE Published
2024-02-08 EPSS Updated
2024-08-04 CVE Updated
2024-08-04 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

References (2)

URL	Tag	Source

URL	Date	SRC
https://www.surecloud.com/resources/blog/lorensbergs-connect2-cross-site-scripting	2024-08-04

URL	Date	SRC

URL	Date	SRC
https://www.lorensbergs.co.uk/products/connect2-academic	2024-05-17

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Lorensbergs Search vendor "Lorensbergs"		Connect2 Search vendor "Lorensbergs" for product "Connect2"				3.13.7647.20190 Search vendor "Lorensbergs" for product "Connect2" and version "3.13.7647.20190"		-		Affected