Lucene search

VulDBCVELIST:CVE-2021-4267

HistoryDec 21, 2022 - 12:00 a.m.

CVE-2021-4267 tad_discuss cross site scripting

2022-12-2100:00:00

CWE-707

VulDB

www.cve.org

tad_discuss

cross site scripting

discusstitle

af94d034ff8db642d05fd8788179eab05f433958

vdb-216469

CVSS3

3.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

31.1%

JSON

A vulnerability classified as problematic was found in tad_discuss. Affected by this vulnerability is an unknown functionality. The manipulation of the argument DiscussTitle leads to cross site scripting. The attack can be launched remotely. The name of the patch is af94d034ff8db642d05fd8788179eab05f433958. It is recommended to apply a patch to fix this issue. The identifier VDB-216469 was assigned to this vulnerability.

CNA Affected

[
  {
    "vendor": "unspecified",
    "product": "tad_discuss",
    "versions": [
      {
        "version": "n/a",
        "status": "affected"
      }
    ]
  }
]

References

github.com/tad0616/tad_discuss/commit/af94d034ff8db642d05fd8788179eab05f433958

github.com/tad0616/tad_discuss/pull/19

vuldb.com/?id.216469

CVSS3

3.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

31.1%

JSON

Related for CVELIST:CVE-2021-4267