CVE-2021-44042

CRITICAL Year: 2021
CVSS v3 Score
9.8
Critical
CVSS v2 Score
7.5
High
Weakness Type
CWE-116
View all →

Vulnerability Description

An issue was discovered in UiPath Assistant 21.4.4. User-controlled data supplied to the --process-start argument of the URI handler for uipath-assistant:// is not correctly encoded, resulting in attacker-controlled content being injected into the error message displayed (when the injected content does not match an existing process). A determined attacker could leverage this to execute JavaScript in the context of the Electron application.

Related Vulnerabilities

CVE-2017-8303

CRITICAL
CVSS:9.8(Critical)

An issue was discovered on Accellion FTA devices before FTA_9_12_180. seos/1000/find.api allows Remote Code Execution with shell metacharacters in the method parameter.

CWE-1162017

CVE-2018-15494

CRITICAL
CVSS:9.8(Critical)

In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.

CWE-1162018

CVE-2018-9246

CRITICAL
CVSS:9.8(Critical)

The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting i...

CWE-1162018

CVE-2018-9433

CRITICAL
CVSS:9.8(Critical)

In ArrayConcatVisitor of builtins-array.cc, there is a possible type confusion due to improper input validation. This could lead to remote code execution with no additional execution privileges needed...

CWE-1162018

CVE-2019-11325

CRITICAL
CVSS:9.8(Critical)

An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3.8. The VarExport component incorrectly escapes strings, allowing some specially crafted ones to escalate to execution of arbitrary...

CWE-1162019

CVE-2020-36599

CRITICAL
CVSS:9.8(Critical)

lib/omniauth/failure_endpoint.rb in OmniAuth before 1.9.2 (and before 2.0) does not escape the message_key value.

CWE-1162020