Lucene search
China National Vulnerability DatabaseCNVD-2021-102003HistoryDec 12, 2021 - 12:00 a.m.
Belloo Cross-Site Scripting Vulnerability
2021-12-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
cross-site scripting
belloo
4.2.7.7
data validation
instagram
javascript
EPSS
0.001
Percentile
37.9%
A cross-site scripting vulnerability exists in versions of Belloo prior to 4.2.7.7, which allows attackers to filter user-supplied data and output data via the aerror_ description parameter in the assets/sources/instagram.php script. description parameter in the assets/sources/instagram.php script lacks a data validation filter for user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
Related
prion
prion
Cross site scripting
2021-12-09 16:15:00
cvelist
cvelist
CVE-2021-41697
2021-12-09 15:35:25
cve
cve
CVE-2021-41697
2021-12-09 16:15:08
nvd
nvd
CVE-2021-41697
2021-12-09 16:15:08