Unknown
CVE-2021-46827
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
CVE-2021-46827
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
An issue was discovered in Oxygen XML WebHelp before 22.1 build 2021082006 and 23.x before 23.1 build 2021090310. An XSS vulnerability in search terms proposals (in online documentation generated using Oxygen XML WebHelp) allows attackers to execute JavaScript by convincing a user to type specific text in the WebHelp output search field.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- oxygen publishing engine,
- oxygen publishing engine 22.1,
- oxygen publishing engine 23.1,
- oxygen xml author,
- oxygen xml author 22.1,
- oxygen xml author 23.1,
- oxygen xml developer,
- oxygen xml developer 22.1,
- oxygen xml developer 23.1,
- oxygen xml editor,
- oxygen xml editor 22.1,
- oxygen xml editor 23.1,
- oxygen xml webhelp,
- oxygen xml webhelp 22.1,
- oxygen xml webhelp 23.1
Weaknesses
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
