EPSS
Percentile
24.8%
A cross-site scripting (XSS) vulnerability exists in the contact us plugin for Subrion CMS <= 4.2.1 version via List of subjects. This can be exploited by someone with administrative privileges when they log in to the admin panel.
contact us
List of subjects
github.com/intelliants/subrion-plugin-contact_us
github.com/intelliants/subrion-plugin-contact_us/issues/8
nvd.nist.gov/vuln/detail/CVE-2021-41948