BeyondTrust Secure Remote Access Base XSS (CVE-2021-31589)
Description
BeyondTrust Secure Remote Access Base contains a cross-site scripting (XSS) vulnerability (CVE-2021-31589) because user-supplied input is not adequately sanitized before it is rendered in the application's web pages. An attacker can inject script that executes in other users' browsers in the context of the application, which can expose session tokens and other sensitive data. Because the product brokers remote access sessions, a hijacked session is a high-impact outcome.
Remediation
Apply the following remediation steps:
1. Upgrade BeyondTrust Secure Remote Access Base to a version that addresses CVE-2021-31589. BeyondTrust's security advisory for this CVE lists the fixed version for each affected product line; confirm the installed version against it after the upgrade.
2. Until patching is complete, implement the following compensating controls:
- Deploy Web Application Firewall (WAF) rules that block common script-injection patterns on the affected input, including URL-encoded and double-encoded forms. Treat this as a stop-gap only, since WAF signatures can be bypassed.
- Serve a Content Security Policy (CSP) header that disallows inline script and restricts script sources. If the appliance does not let you set response headers, add the header at a reverse proxy in front of it, and validate the policy in report-only mode before enforcing it so that legitimate application scripts are not broken.
- Warn users not to follow untrusted links to the application, since crafted links are the usual delivery vehicle for this class of flaw.
3. After upgrading, verify the fix by submitting a benign test string containing HTML metacharacters (for example < and ") to the previously vulnerable input and confirming that the response encodes or strips them rather than reflecting raw markup. Checking that one specific payload is blocked is not sufficient; the output encoding is what matters. Test only systems you are authorized to test, preferably non-production.
4. Review web server access logs and application logs for requests containing script tags, event-handler attributes or their URL-encoded and double-encoded equivalents, which may indicate exploitation attempts made before the patch was applied.
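The following Python script is an added example supporting steps 3 and 4 above; it is not code from BeyondTrust or from the advisory. It provides a canary check that classifies whether a reflected test string came back as raw markup, as encoded text or not at all, and an access-log scanner that decodes query parameters (including double-encoded and entity-encoded values) and flags script-like content. The URL, the "username" parameter, the login path and the log lines are placeholders constructed for illustration; substitute the input that BeyondTrust's advisory actually names.

```python
"""
Added example (not BeyondTrust code): helpers for verifying an XSS fix and
for triaging access logs. Parameter names, paths and log lines are
constructed placeholders, not values from the advisory.
"""
import html
import re
import urllib.error
import urllib.parse
import urllib.request
from typing import Iterable, List, Tuple

# Harmless canary: a unique token followed by a tag that must not survive
# as raw markup if output encoding is in place.
CANARY = "xsscheck<svg/onload=1>"

# Triage heuristic for script-like content after decoding; expect some
# false positives (e.g. parameters whose names end in "on...=").
_XSS_MARKERS = re.compile(
    r"<\s*/?\s*(script|svg|img|iframe|object|embed)\b"
    r"|\bon[a-z]+\s*="
    r"|javascript\s*:"
    r"|expression\s*\(",
    re.IGNORECASE,
)

# Common log format: client ip, ident, user, [timestamp], "METHOD path ...", status
_LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)


def normalize(value: str, rounds: int = 3) -> str:
    """Undo layered URL- and HTML-entity encoding so obfuscated payloads are visible."""
    for _ in range(rounds):
        decoded = html.unescape(urllib.parse.unquote_plus(value))
        if decoded == value:
            break
        value = decoded
    return value


def looks_like_xss(value: str) -> bool:
    """True if the decoded value contains script-like markup."""
    return bool(_XSS_MARKERS.search(normalize(value)))


def verify_canary_encoded(response_body: str, canary: str = CANARY) -> str:
    """
    Classify how a reflected canary was rendered:
      'vulnerable' - the canary appears verbatim, i.e. raw '<' and '>' survived
      'sanitized'  - the token is present but the tag was encoded or stripped
      'absent'     - the canary was not reflected at all
    """
    token = canary.split("<", 1)[0]
    if canary in response_body:
        return "vulnerable"
    if token in response_body:
        return "sanitized"
    return "absent"


def probe(base_url: str, param: str, canary: str = CANARY, timeout: float = 10.0) -> str:
    """Live check (authorized systems only): submit the canary in `param` and classify the reply."""
    url = f"{base_url}?{urllib.parse.urlencode({param: canary})}"
    req = urllib.request.Request(url, headers={"User-Agent": "xss-fix-verification"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            body = resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        body = err.read().decode("utf-8", "replace")  # error pages can reflect input too
    return verify_canary_encoded(body, canary)


def scan_access_log(lines: Iterable[str]) -> List[Tuple[str, str, str]]:
    """Return (client_ip, parameter, decoded_value) for each suspicious query parameter."""
    hits: List[Tuple[str, str, str]] = []
    for line in lines:
        m = _LOG_LINE.match(line)
        if not m:
            continue
        query = urllib.parse.urlsplit(m.group("path")).query
        # parse_qsl removes one layer of URL encoding; normalize() handles the rest
        for name, value in urllib.parse.parse_qsl(query, keep_blank_values=True):
            if looks_like_xss(value):
                hits.append((m.group("ip"), name, normalize(value)))
    return hits


# Constructed sample log lines (placeholder path and parameter, RFC 5737 addresses).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Oct/2021:14:03:11 +0000] "GET /login?username=alice HTTP/1.1" 200 4211',
    '198.51.100.9 - - [12/Oct/2021:14:05:42 +0000] "GET /login?username=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E HTTP/1.1" 200 4305',
    '198.51.100.9 - - [12/Oct/2021:14:06:01 +0000] "GET /login?username=%253Csvg%2520onload%253Dalert(1)%253E HTTP/1.1" 200 4305',
    '192.0.2.44 - - [12/Oct/2021:14:07:15 +0000] "POST /login HTTP/1.1" 302 0',
]


if __name__ == "__main__":
    for ip, name, value in scan_access_log(SAMPLE_LOG):
        print(f"suspicious request from {ip}: {name}={value!r}")
    # Live verification would be: print(probe("https://appliance.example/login", "username"))
```

The scanner is a triage aid, not a verdict: a hit shows that someone submitted script-like input, and the corresponding response size, status and any subsequent authenticated activity from that client should be examined to decide whether the attempt succeeded. The canary check deliberately looks for the raw tag rather than one exact encoded form, because applications differ in whether they entity-encode or strip metacharacters, and either result is acceptable as long as the raw markup does not survive.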