CVE-2021-21935

December 28, 2021

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter2’ parameter. This can be done as any authenticated user or through cross-site request forgery.

Summary:

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter2’ parameter. This can be done as any authenticated user or through cross-site request forgery.

Reference Links(if available):

  • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1366

  • CVSS Score (if available)

    v2: / MEDIUM

    v3: /

    Links to Exploits(if available)

  • You may have missed

    unlock membership

    Unveiling Blockchain Security: Safeguarding the Digital Ledger

    November 22, 2024
    news

    A Fifth of UK Enterprises Uncertain About NIS2 Compliance Requirements

    November 22, 2024
    news

    Scattered Spider Case: Five Arrested in Major Cybercrime Investigation

    November 22, 2024
    news

    BianLian Ransomware Group Updates Tactics: A Growing Risk to Critical Infrastructure

    November 22, 2024
    news

    Infostealer Malware Insights: VietCredCare vs. DuckTail in Vietnam

    November 22, 2024