Arbitrary Web Script Injection Vulnerability in SquaredUp for SCOM Image Tile

Arbitrary Web Script Injection Vulnerability in SquaredUp for SCOM Image Tile

CVE-2021-40092 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A cross-site scripting (XSS) vulnerability in Image Tile in SquaredUp for SCOM 5.2.1.6654 allows remote attackers to inject arbitrary web script or HTML via an SVG file.

Learn more about our Web App Pen Testing.