CVE-2021-45813

MEDIUM WAF: High

CVSS 6.1 Published: 2021-12-28

CWE-79

SLICAN WebCTI 1.01 2015 is affected by a Cross Site Scripting (XSS) vulnerability. The attacker can steal the user's session by injecting malicious JavaScript codes which leads to Session Hijacking and cause user's credentials theft.

WAF Coverage Analysis

Cross-Site Scripting (XSS) High WAF Coverage

OWASP: A03:2021 Injection

941xxx - XSS / XXE

Affected Software

Vendor	Product	Version
slican	webcti	1.01_2015

References

drive.google.com (Exploit, Third Party Advisory)

Back to CVE Database