Lucene search

Cross site scripting via HTML attributes in the back end

🗓️ 25 Aug 2021 14:01:45Reported by GitHub Advisory DatabaseType

Cross site scripting risk in back en

Reporter	Title	Published	Views	Family All 9
CVE	CVE-2021-35955	12 Aug 202115:15	–	cve
OSV	Cross site scripting via HTML attributes in the back end	25 Aug 202114:45	–	osv
OSV	CVE-2021-35955	12 Aug 202115:15	–	osv
Contao	Cross site scripting via HTML attributes in the back end	11 Aug 202100:00	–	contao
Friends Of PHP	Cross site scripting via HTML attributes in the back end	1 Jan 197000:00	–	friendsofphp
Friends Of PHP	Cross site scripting via HTML attributes in the back end	1 Jan 197000:00	–	friendsofphp
Cvelist	CVE-2021-35955	12 Aug 202114:33	–	cvelist
Prion	Design/Logic Flaw	12 Aug 202115:15	–	prion
NVD	CVE-2021-35955	12 Aug 202115:15	–	nvd

Vulners

Node

contao core\-bundleRange4.10.0–4.11.7

contao core\-bundleRange4.5.0–4.9.18

contao contaoRange4.10.0–4.11.7

contao contaoRange4.5.0–4.9.18

contao contaoRange4.0.0–4.4.56

contao core\-bundleRange4.0.0–4.4.56

Source	Link
github	www.github.com/contao/contao/security/advisories/GHSA-hr3h-x6gq-rqcp
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-35955
contao	www.contao.org/en/news/contao-4-9-16-and-4-11-5-are-available.html
contao	www.contao.org/en/security-advisories/cross-site-scripting-via-html-attributes-in-the-back-end.html
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/contao/contao/CVE-2021-35955.yaml
github	www.github.com/FriendsOfPHP/security-advisories/blob/master/contao/core-bundle/CVE-2021-35955.yaml
github	www.github.com/advisories/GHSA-hr3h-x6gq-rqcp

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 Aug 2021 14:45Current

5.5Medium risk

Vulners AI Score5.5

CVSS23.5

CVSS34.8

EPSS0.00515

CWE-79