Lucene search
MitreCVE-2021-46875HistoryMar 12, 2023 - 5:15 a.m.
CVE-2021-46875
2023-03-1205:15:11
CWE-79
mitre
web.nvd.nist.gov
26
cve-2021-46875
ez platform
ibexa kernel
xss
javascript
security vulnerability
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
33.1%
An issue was discovered in eZ Platform Ibexa Kernel before 1.3.1.1. An XSS attack can occur because JavaScript code can be uploaded in a .html or .js file.
Affected configurations
Node
ibexaez_platform_kernelRange1.2.0–1.2.5.1
ORibexaez_platform_kernelRange1.3.0–1.3.1.1
ORibexaez_platform_kernelRange6.13.0–6.13.8.2
ORibexaez_platform_kernelRange7.5.0–7.5.15.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibexa | ez_platform_kernel | * | cpe:2.3:o:ibexa:ez_platform_kernel:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2021-46875
2023-03-12 05:15:11
prion
prion
Design/Logic Flaw
2023-03-12 05:15:00
osv
osv
Cross Site Scripting in eZ Platform Ibexa Kernel
2023-03-12 06:30:21
cvelist
cvelist
CVE-2021-46875
2023-03-12 00:00:00
github
github
Cross Site Scripting in eZ Platform Ibexa Kernel
2023-03-12 06:30:21
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
33.1%
Related for CVE-2021-46875