Lucene search
GoogleOSV:CVE-2021-25974HistoryNov 10, 2021 - 11:15 a.m.
CVE-2021-25974
2021-11-1011:15:07
Google
osv.dev
3
In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A user with a “publisher” role is able to inject and execute arbitrary JavaScript code while creating a page/article.
Related
cvelist
cvelist
CVE-2021-25974 Publify - Stored Cross-Site Scripting (XSS) in Editor
2021-11-10 11:10:12
cve
cve
CVE-2021-25974
2021-11-10 11:15:07
veracode
veracode
Cross-site Scripting (XSS)
2021-11-11 04:13:52
prion
prion
Design/Logic Flaw
2021-11-10 11:15:00
osv
osv
BIT-publify-2021-25974
2024-03-06 11:04:29
Cross site scripting in publify
2022-05-24 22:29:03
BIT-publify-2021-25975
2024-03-06 11:04:20
github
github
Cross site scripting in publify
2022-05-24 22:29:03
nvd
nvd
CVE-2021-25974
2021-11-10 11:15:07