Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 on an object’s date attribute(s) allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format into date fields, which leads to breaking the object page that the date field is present.
References
Link | Resource |
---|---|
https://confluence.topease.ch/confluence/display/DOC/Release+Notes | Release Notes Vendor Advisory |
https://confluence.topease.ch/confluence/display/DOC/Release+Notes | Release Notes Vendor Advisory |
Configurations
History
21 Nov 2024, 06:27
Type | Values Removed | Values Added |
---|---|---|
References | () https://confluence.topease.ch/confluence/display/DOC/Release+Notes - Release Notes, Vendor Advisory |
07 Nov 2023, 03:39
Type | Values Removed | Values Added |
---|---|---|
Summary | Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 on an object’s date attribute(s) allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format into date fields, which leads to breaking the object page that the date field is present. |
Information
Published : 2021-11-30 12:15
Updated : 2024-11-21 06:27
NVD link : CVE-2021-42121
Mitre link : CVE-2021-42121
CVE.ORG link : CVE-2021-42121
JSON object : View
Products Affected
businessdnasolutions
- topease
CWE
CWE-20
Improper Input Validation