Critical severity9.8NVD Advisory· Published Dec 16, 2021· Updated Jun 17, 2026
CVE-2021-45092
CVE-2021-45092
Description
Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachable by default that could allow IFRAME injection via the vpath parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Thinfinity VirtualUI/Thinfinity VirtualUIdescription
- Range: <3.0
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/166068/Thinfinity-VirtualUI-2.5.41.0-IFRAME-Injection.htmlnvdThird Party AdvisoryVDB Entry
- github.com/cybelesoft/virtualui/issues/2nvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.