Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2021-21418
HistoryMar 31, 2021 - 6:15 p.m.

CVE-2021-21418

2021-03-3118:15:14
Google
osv.dev
10
cve-2021-21418
prestashop
ps_emailsubscription
injection vulnerability
newsletter condition field
front office
software
fix 2.6.1

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

31.7%

JSON

ps_emailsubscription is a newsletter subscription module for the PrestaShop platform. An employee can inject javascript in the newsletter condition field that will then be executed on the front office The issue has been fixed in 2.6.1

Related

cvelist 1
veracode 1
osv 1
cve 1
github 1
prion 1
nvd 1
cvelist
cvelist
CVE-2021-21418 Potential XSS injection in the newsletter conditions field
2021-03-31 17:35:15
veracode
veracode
Cross-site Scripting (XSS)
2021-04-01 03:43:07
osv
osv
Potential XSS injection in the newsletter conditions field
2021-04-06 17:24:14
cve
cve
CVE-2021-21418
2021-03-31 18:15:14
github
github
Potential XSS injection in the newsletter conditions field
2021-04-06 17:24:14
prion
prion
Race condition
2021-03-31 18:15:00
nvd
nvd
CVE-2021-21418
2021-03-31 18:15:14

AI Score

6.8

Confidence

High

EPSS

0.001

Percentile

31.7%

JSON
Related for OSV:CVE-2021-21418
cvelist1veracode1osv1cve1github1prion1nvd1