CVE-2021-38087

Severity CVSS v4.0:
Pending analysis
Type:
CWE-79 Cross-Site Scripting (XSS)
Publication date:
12/08/2021
Last modified:
20/08/2021

Description

Reflected cross-site scripting (XSS) was possible on the login page in Acronis Cyber Protect 15 prior to build 27009.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:* 15 (excluding)
cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*
cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*


References to Advisories, Solutions, and Tools