CVE-2021-42121
MEDIUMTopEase <= 7.1.27 - Authenticated Denial of Service via Date Field Input Validation
Title source: llmDescription
Insufficient Input Validation in Web Applications operating on Business-DNA Solutions GmbH’s TopEase® Platform Version <= 7.1.27 on an object’s date attribute(s) allows an authenticated remote attacker with Object Modification privileges to insert an unexpected format into date fields, which leads to breaking the object page that the date field is present.
References (1)
Core 1
Core References
Release Notes, Vendor Advisory x_refsource_confirm
https://confluence.topease.ch/confluence/display/DOC/Release+Notes
Scores
CVSS v3
4.3
EPSS
0.0100
EPSS Percentile
58.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Details
CWE
CWE-20
Status
published
Products (1)
businessdnasolutions/topease
< 7.1.27
Published
Nov 30, 2021
Tracked Since
Feb 18, 2026