CVE-2021-30213

MEDIUM NUCLEI

Knowage Suite 7.3 - XSS

Title source: llm

Description

Knowage Suite 7.3 is vulnerable to unauthenticated reflected cross-site scripting (XSS). An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter.

Nuclei Templates (1)

Knowage Suite 7.3 - Cross-Site Scripting

MEDIUMby alph4byt3

References (1)

[Exploit, Third Party Advisory] https://github.com/piuppi/Proof-of-Concepts/blob/main/Engineering/XSS-KnowageSuite7-3_unauth.md

View Exploit ZIP pw:eip

Scores

CVSS v3 6.1

EPSS 0.0377

EPSS Percentile 88.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (1)

eng/knowage 7.3.0

Published May 12, 2021

Tracked Since Feb 18, 2026