Lucene search
GoogleOSV:CVE-2021-23260HistoryDec 02, 2021 - 4:15 p.m.
CVE-2021-23260
2021-12-0216:15:07
Google
osv.dev
2
Authenticated users with Site roles may inject XSS scripts via file names that will execute in the browser for this and other users of the same site.
| CPE | Name | Operator | Version |
|---|---|---|---|
| craftercms | eq | 3.1.7 | |
| craftercms | eq | 3.1.11 | |
| craftercms | eq | 3.1.5 | |
| craftercms | eq | 3.1.4 | |
| craftercms | eq | 3.1.10 | |
| craftercms | eq | 3.1.9 | |
| craftercms | eq | 3.1.0 | |
| craftercms | eq | 3.1.6 | |
| craftercms | eq | 3.1.8 | |
| craftercms | eq | 3.1.1 |
Related
prion
prion
Design/Logic Flaw
2021-12-02 16:15:00
cnvd
cnvd
Crafter CMS Cross-Site Scripting Vulnerability
2021-12-04 00:00:00
cve
cve
CVE-2021-23260
2021-12-02 16:15:07
cvelist
cvelist
nvd
nvd
CVE-2021-23260
2021-12-02 16:15:07