CVE-2021-46253

Опубликовано: 01 фев. 2022

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

A cross-site scripting (XSS) vulnerability in the Create Post function of Anchor CMS v0.12.7 allows attackers to execute arbitrary web scripts or HTML.

Ссылки

https://anchorcms.com
Vendor Advisory
https://github.com/Nguyen-Trung-Kien/CVE/blob/main/CVE-2021-46253/CVE-2021-46253.pdf
Exploit
Third Party Advisory
https://anchorcms.com
Vendor Advisory
https://github.com/Nguyen-Trung-Kien/CVE/blob/main/CVE-2021-46253/CVE-2021-46253.pdf
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:anchorcms:anchor_cms:0.12.7:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00502

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-7r9c-fccw-3vrf