exploitDog

CVE-2021-47843

Опубликовано: 15 янв. 2026

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Tagstoo 2.0.1 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious payloads through files or custom tags. Attackers can execute arbitrary JavaScript code to spawn system processes, access files, and perform remote code execution on the victim's computer.

Ссылки

https://imgur.com/a/smeAjaW
Exploit
https://tagstoo.sourceforge.io/
Product
https://www.exploit-db.com/exploits/49828
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tagstoo:tagstoo:2.0.1:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.00051

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-m46h-g9fm-378f

CVSS3: 7.2

github

23 дня назад

Tagstoo 2.0.1 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious payloads through files or custom tags. Attackers can execute arbitrary JavaScript code to spawn system processes, access files, and perform remote code execution on the victim's computer.

EPSS

Процентиль: 16%

0.00051

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79