cvedb.io
CVE-2021-42856
MEDIUM · CVSS 4.7
EPSS exploitation probability: 0%
Published 2022-03-10T17:44:07.997 · Last modified 2026-06-17T04:10:12.910

Summary

It was discovered that the /DsaDataTest endpoint is susceptible to Cross-site scripting (XSS) attack. It was noted that the Metric parameter does not have any input checks on the user input that allows an attacker to craft its own malicious payload to trigger a XSS vulnerability.

Affected products

riverbed — steelcentral_appinternals_dynamic_sampling_agent

Does this affect you?

Add your gear to cvedb and we'll alert you only when riverbed ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.