CVE-2021-47716
Multiple XSS Vulnerabilities in Orangescrum 1.8.0 Allow Script Injection
Publication date: 2025-12-23
Last updated on: 2025-12-23
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| orangescrum | orangescrum | 1.8.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2021-47716 is a set of multiple cross-site scripting (XSS) vulnerabilities in Orangescrum version 1.8.0 that allow authenticated attackers to inject malicious JavaScript code through various input parameters such as 'projid', 'CS_message', and 'name'. These vulnerabilities include both reflected and stored XSS, where attackers submit crafted payloads via application endpoints. The malicious scripts can then execute in the browsers of other users, potentially compromising their sessions or data. [1, 2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not contain information regarding the impact of CVE-2021-47716 on compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability impact me? :
This vulnerability can allow attackers who have authenticated access to Orangescrum to inject and execute arbitrary JavaScript code in the browsers of other users. This can lead to session hijacking, privilege escalation, or other malicious actions such as stealing sensitive information or performing unauthorized actions on behalf of the victim user. The impact includes potential compromise of user accounts and data integrity within the application. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by sending authenticated HTTP POST requests with crafted payloads to the vulnerable endpoints and observing if the injected scripts are reflected or stored. For example, to test reflected XSS, send a POST request to /orangescrum/easycases/edit_reply with the 'projid' parameter containing a script payload like <script>alert(1)</script>. For stored XSS, send a POST request to /orangescrum/easycases/ajaxpostcase with parameters such as 'CS_message' or 'name' containing payloads like <img src=x onmouseover=alert(1)>. Monitoring the HTTP responses for reflected payloads or stored content in JSON or HTML responses indicates the presence of the vulnerability. Commands using curl might look like: 1) curl -i -X POST -b 'session_cookie=your_session' -d 'projid=<script>alert(1)</script>' https://target/orangescrum/easycases/edit_reply 2) curl -i -X POST -b 'session_cookie=your_session' -d 'CS_message=<img src=x onmouseover=alert(1)>' https://target/orangescrum/easycases/ajaxpostcase Note that authentication cookies or headers are required to perform these tests. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the Orangescrum application to trusted users only, ensuring that only authenticated users can access the vulnerable endpoints, and applying input validation and output encoding on all user-supplied parameters such as 'projid', 'CS_message', and 'name'. Additionally, updating Orangescrum to a version where this vulnerability is fixed (if available) is recommended. If an update is not immediately possible, consider implementing web application firewall (WAF) rules to detect and block malicious script payloads targeting these parameters. Educate users to be cautious with links and inputs within the application to reduce the risk of exploitation. [1, 2]