id: CVE-2021-37216 info: name: QSAN Storage Manager prior to v3.3.3 Reflected XSS author: dwisiswant0 severity: medium description: | QSAN Storage Manager header page parameters does not filter special characters. Remote attackers can inject JavaScript without logging in and launch reflected XSS attacks to access and modify specific data. reference: - https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-37216 cwe-id: CWE-79 tags: cve,cve2021,xss,qsan,storage requests: - method: GET path: - "{{BaseURL}}/http_header.php" headers: X-Trigger-XSS: "" matchers-condition: and matchers: - type: word part: body words: - '"HTTP_X_TRIGGER_XSS":""' - type: word part: header words: - "text/html" - type: dsl dsl: - "!contains(tolower(all_headers), 'x-xss-protection')"