Cross Site Scripting (XSS) vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1) backups\\backups.php, 2) blocks\\blocks.php, 3) brands\\brands.php, 4) comments\\comments.php, 5) coupons\\coupons.php, 6) feeds\\feeds.php, 7) functions\\functions.php, 8) items\\items.php, 9) menus\\menus.php, 10) orders\\orders.php, 11) payment_methods\\payment_methods.php, 12) products\\products.php, 13) profiles\\profiles.php, 14) shipping_methods\\shipping_methods.php, 15) templates\\templates.php, 16) users\\users.php, 17) webdictionary\\webdictionary.php, 18) websites\\websites.php, and 19) webusers\\webusers.php because the initial_url function is built in these files.
Find out more about CVE-2021-36454 from the MITRE-CVE dictionary and NIST NVD
Login may be required to access defects or downloads.
| Product Name | Status | Defect | Fixed | Downloads |
|---|---|---|---|---|
| Linux | ||||
| Wind River Linux LTS 17 | Not Vulnerable | -- | -- | -- |
| Wind River Linux 8 | Not Vulnerable | -- | -- | -- |
| Wind River Linux 9 | Not Vulnerable | -- | -- | -- |
| Wind River Linux 7 | Not Vulnerable | -- | -- | -- |
| Wind River Linux LTS 21 | Not Vulnerable | -- | -- | -- |
| Wind River Linux LTS 22 | Not Vulnerable | -- | -- | -- |
| Wind River Linux LTS 18 | Not Vulnerable | -- | -- | -- |
| Wind River Linux LTS 19 | Not Vulnerable | -- | -- | -- |
| Wind River Linux CD release | Not Vulnerable | -- | -- | -- |
| Wind River Linux 6 | Not Vulnerable | -- | -- | -- |
| Wind River Linux LTS 23 | Not Vulnerable | -- | -- | -- |
| VxWorks | ||||
| VxWorks 7 | Not Vulnerable | -- | -- | -- |
| VxWorks 6.9 | Not Vulnerable | -- | -- | -- |
| Helix Virtualization Platform Cert Edition | ||||
| Helix Virtualization Platform Cert Edition | Not Vulnerable | -- | -- | -- |
| Product Name | Status | Defect | Fixed | Downloads |
|---|
