Cross-site Scripting in yourls

🗓️ 20 Sep 2021 20:52:42Reported by GitHub Advisory DatabaseType

yourls software vulnerable to Cross-site Scripting in edit dialo

Reporter	Title	Published	Views	Family All 8
CVE	CVE-2021-3785	15 Sep 202112:15	–	cve
Cvelist	CVE-2021-3785 Cross-site Scripting (XSS) - Stored in yourls/yourls	15 Sep 202112:05	–	cvelist
CNVD	YOURLS Cross-Site Scripting Vulnerability	23 May 202200:00	–	cnvd
OSV	Cross-site Scripting in yourls	20 Sep 202120:42	–	osv
OSV	CVE-2021-3785	15 Sep 202112:15	–	osv
Prion	Cross site scripting	15 Sep 202112:15	–	prion
Huntr	Cross-site Scripting (XSS) - Stored in yourls/yourls	24 Aug 202117:08	–	huntr
NVD	CVE-2021-3785	15 Sep 202112:15	–	nvd

Vulners

Node

yourls yourlsRange<1.8.2

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-3785
github	www.github.com/yourls/yourls/commit/1d8e224ebabb8a4c75b97f026950ed710faab0ff
huntr	www.huntr.dev/bounties/b4085d13-54fa-4419-a2ce-1d780cc31638
github	www.github.com/advisories/GHSA-m9fq-c9hp-59g7

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Sep 2021 20:42Current

5.5Medium risk

Vulners AI Score5.5

CVSS23.5

CVSS35.4 - 8.8

EPSS0.00318

CWE-79