CVE-2021-43960

low-risk

Published 2022-01-12

Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title, Page Instructions, Text before, Text after, or Text on side box. Once this has been done, the administrator must click save and finally wait until any user of the application performs a booking for rental items in the booking area of the application, where the XSS triggers. NOTE: another perspective is that the administrator may require JavaScript to customize any aspect of the page rendering. There is no effective way for the product to defend users in the face of a malicious administrator

Do I need to act?

0.36% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 4.8/10 Medium

NETWORK / LOW complexity

Affected Products (1)

Connect2

Affected Vendors

Lorensbergs

References (4)

Product https://www.lorensbergs.co.uk/products/connect2-academic/

Exploit https://www.surecloud.com/resources/blog/lorensbergs-connect2-cross-site-scripti...

Product https://www.lorensbergs.co.uk/products/connect2-academic/

Exploit https://www.surecloud.com/resources/blog/lorensbergs-connect2-cross-site-scripti...

/ 100

low-risk

Severity 19/34 · Moderate

Exploitability 1/34 · Minimal

Exposure 5/34 · Minimal