VYPR
Unrated severityNVD Advisory· Published Mar 3, 2026· Updated Mar 4, 2026

CVE-2021-35483

CVE-2021-35483

Description

The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload JavaScript files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editing of an existing one. If an authenticated user visits the web page where the file is published, the JavaScript code is executed.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Nokia/IMPACTcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <= 19.11.2.10-20210118042150283

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.