Lucene search
SnykCVELIST:CVE-2021-23411HistoryJul 21, 2021 - 2:50 p.m.
CVE-2021-23411 Cross-site Scripting (XSS)
2021-07-2114:50:11
snyk
www.cve.org
2
vulnerability
package
xss
user input
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
EPSS
0.001
Percentile
36.4%
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the main functionality. It accepts input that can result in the output (an anchor a tag) containing undesirable Javascript code that can be executed upon user interaction.
CNA Affected
[
{
"product": "anchorme",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]Related
cnvd
cnvd
AnchorMe Cross-Site Scripting Vulnerability
2021-09-07 00:00:00
github
github
Cross-site scripting in anchorme
2021-07-26 21:23:58
prion
prion
Cross site scripting
2021-07-21 15:15:00
nvd
nvd
CVE-2021-23411
2021-07-21 15:15:15
osv
osv
Cross-site scripting in anchorme
2021-07-26 21:23:58
cve
cve
CVE-2021-23411
2021-07-21 15:15:15
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
EPSS
0.001
Percentile
36.4%
Related for CVELIST:CVE-2021-23411