CVE-2021-25975 in Publifyinformação

Sumário

de MITRE • 10/11/2021

In publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS as a result of an unrestricted file upload. This issue allows a user with “publisher” role to inject malicious JavaScript via the uploaded html file.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsável

WhiteSource

Reservar

22/01/2021

Divulgação

10/11/2021

Moderação

aceite

Entrada

VDB-186482

CPE

pronto

EPSS

0.00578

KEV

não

Atividades

muito baixo

Fontes

Want to stay up to date on a daily basis?

Enable the mail alert feature now!