CVE-2021-35204

Name of the Vulnerable Software and Affected Versions: NETSCOUT Systems nGeniusONE version 6.3.0 build 1196

Description: The issue concerns a Reflected Cross-Site Scripting (XSS) flaw in the support endpoint. This allows for malicious scripts to be injected and executed, potentially leading to unauthorized actions on the affected system.

Recommendations: For NETSCOUT Systems nGeniusONE version 6.3.0 build 1196, consider disabling access to the support endpoint until a patch is available. Restricting user input in this endpoint can also help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.