|
|
|||
| Rule General Information |
|---|
| Release Date: | 2022-12-12 | |
| Rule Name: | Thinfinity Iframe Injection Vulnerability (CVE-2021-45092) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachable by default that could allow IFRAME injection via the vpath parameter. | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | http://packetstormsecurity.com/files/166068/Thinfinity-VirtualUI-2.5.41.0-IFRAME-Injection.html https://github.com/cybelesoft/virtualui/issues/2 |
|
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |