PT-2021-16514 · Suse · Rancher

Jono-Suse-Rancher

Published

2021-03-05

Updated

2022-05-24

CVE-2021-25313

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions: SUSE Rancher Rancher versions prior to 2.5.6

Description: A Cross-site Scripting vulnerability in Rancher allows remote attackers to execute JavaScript via malicious links.

Recommendations: For SUSE Rancher Rancher versions prior to 2.5.6, update to version 2.5.6 or later to resolve the issue. As a temporary workaround, consider restricting access to malicious links to minimize the risk of exploitation.

Fix

RCE

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2021-25313

GHSA-6M8R-JH89-RQ7H

Affected Products

Rancher

PT-2021-16514 · Suse · Rancher

CVE-2021-25313

Weakness Enumeration

Related Identifiers

Affected Products

References · 9