Seafile 7.0.5 server version is vulnerable to Persistent XSS via share library functionality. Remote attacker with local account can share specially created library with malicious JavaScript code to other users, leading to execution of the code via notification message in victim account
Reporter | Title | Published | Views | Family All 8 |
---|---|---|---|---|
![]() | CVE-2021-30146 | 6 Apr 202115:51 | – | cvelist |
![]() | CVE-2021-30146 | 6 Apr 202116:15 | – | debiancve |
![]() | CVE-2021-30146 | 6 Apr 202116:15 | – | cve |
![]() | CVE-2021-30146 | 6 Apr 202116:15 | – | nvd |
![]() | CVE-2021-30146 | 6 Apr 202100:00 | – | ubuntucve |
![]() | Seafile Cross-Site Scripting Vulnerability | 7 Apr 202100:00 | – | cnvd |
![]() | CVE-2021-30146 | 6 Apr 202116:15 | – | osv |
![]() | Cross site scripting | 6 Apr 202116:15 | – | prion |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo