CVE-2021-22503 MEDIUM

CVE-2021-22503: Improper Neutralization of Input During Web Page Generation Vulnerability

Vendor Opentext
Product eDirectory
Weakness CWE-79 · XSS
Published September 12, 2024
Last update September 12, 2024
View on NVD All CVEs

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000.

Key dates

02Disclosure timeline

September 12, 2024 CVE published
September 12, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-54209 WordPress Awesome Shortcodes plugin <= 1.7.2 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2024-26030 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) CVE-2023-30619 XSS in the tooltip via an artifact title CVE-2025-39520 WordPress Checkout Files Upload for WooCommerce plugin <= 2.2.0 - Cross Site Scripting (XSS) Vulnerability CVE-2025-62898 WordPress Links shortcode plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability