CVE-2021-47920
Unknown Unknown - Not Provided
Cross-Site Scripting in WebMO Job Manager Enables Session Hijacking

Publication date: 2026-02-01

Last updated on: 2026-02-01

Assigner: VulnCheck

Description
WebMO Job Manager 20.0 contains a cross-site scripting vulnerability in search parameters that allows remote attackers to inject malicious script code. Attackers can exploit the filterSearch and filterSearchType parameters to perform non-persistent attacks including session hijacking and external redirects.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-01
Last Modified
2026-02-01
Generated
2026-06-16
AI Q&A
2026-02-01
EPSS Evaluated
2026-06-15
NVD
CVE-2021-47920
EUVD
EUVD-2021-34751
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
webmo webmo_job_manager to 21.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2021-47920 is a reflected cross-site scripting (XSS) vulnerability in WebMO Job Manager version 20.0. It occurs because the application does not properly neutralize input in the search parameters 'filterSearch' and 'filterSearchType'. This allows remote attackers to inject malicious script code via crafted URLs, which is then executed in the victim's browser. The attack is non-persistent and can lead to session hijacking and external redirects. [1, 2]

Impact Analysis

This vulnerability can impact you by allowing attackers to hijack user sessions, redirect users to malicious external websites, perform phishing attacks, and manipulate application modules. Exploitation requires minimal user interaction and no authentication, making it a significant risk for users of WebMO Job Manager 20.0. The injected scripts can execute arbitrary JavaScript in the victim's browser, potentially compromising user data and security. [1, 2]

Detection Guidance

This vulnerability can be detected by testing the WebMO Job Manager's search functionality for reflected cross-site scripting (XSS) in the filterSearch and filterSearchType parameters. One way is to send crafted HTTP GET requests with script tags in these parameters and observe if the script is reflected and executed in the response. For example, you can use curl or a browser to send a request like: curl -v "https://<target>/cgi-bin/webmo/jobmgr.cgi?filterSearch=785101"><script>alert(1337)</script>&filterSearchType=" and check if the response contains the injected script code unescaped. Monitoring web server logs for suspicious requests containing script tags in these parameters can also help detect attempts to exploit this vulnerability. [2]

Mitigation Strategies

Immediate mitigation steps include restricting access to the WebMO Job Manager interface to trusted users only, applying input validation and sanitization on the filterSearch and filterSearchType parameters to prevent script injection, and updating WebMO Job Manager to a version where this vulnerability is fixed if available. Additionally, educating users to avoid clicking on suspicious links and monitoring for unusual activity can help reduce risk until a patch is applied. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47920. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart