{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T00:43:46.753","vulnerabilities":[{"cve":{"id":"CVE-2021-30174","sourceIdentifier":"twcert@cert.org.tw","published":"2021-05-11T06:15:06.860","lastModified":"2024-11-21T06:03:27.520","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"RiyaLab CloudISO event item is added, special characters in specific field of time management page are not properly filtered, which allow remote authenticated attackers can inject malicious JavaScript and carry out stored XSS (Stored Cross-site scripting) attacks."},{"lang":"es","value":"Es agregado el elemento de evento RiyaLab CloudISO, los caracteres especiales en un campo específico de la página de administración del tiempo no son filtrados apropiadamente, permitiendo a unos atacantes autenticados remotos puedan inyectar JavaScript malicioso y realizar ataques de tipo XSS (Stored Cross-site scripting) almacenado"}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ruiyanai:cloudiso:*:*:*:*:*:*:*:*","versionEndExcluding":"2021.2a","matchCriteriaId":"0DC5298E-5671-4BFD-A37F-3104AB4BFE60"}]}]}],"references":[{"url":"https://www.twcert.org.tw/tw/cp-132-4718-f16df-1.html","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-4718-f16df-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}