Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2021-33570
HistoryMay 25, 2021 - 10:15 p.m.

CVE-2021-33570

2021-05-2522:15:10
Google
osv.dev
6
postbird
xss
postgresql
stored
img element
xmlhttprequest
file url
localstorage
savedconnections

AI Score

5.4

Confidence

High

EPSS

0.005

Percentile

76.6%

JSON

Postbird 0.8.4 allows stored XSS via the onerror attribute of an IMG element in any PostgreSQL database table. This can result in reading local files via vectors involving XMLHttpRequest and open of a file:/// URL, or discovering PostgreSQL passwords via vectors involving Window.localStorage and savedConnections.

Related

cvelist 1
packetstorm 1
exploitdb 1
zdt 1
cve 1
prion 1
nvd 1
cvelist
cvelist
CVE-2021-33570
2021-05-25 21:06:34
packetstorm
packetstorm
Postbird 0.8.4 Cross Site Scripting / Local File Inclusion
2021-05-27 00:00:00
exploitdb
exploitdb
Postbird 0.8.4 - Javascript Injection
2021-05-27 00:00:00
zdt
zdt
Postbird 0.8.4 - Javascript Injection Exploit
2021-05-27 00:00:00
cve
cve
CVE-2021-33570
2021-05-25 22:15:10
prion
prion
Cross site scripting
2021-05-25 22:15:00
nvd
nvd
CVE-2021-33570
2021-05-25 22:15:10

AI Score

5.4

Confidence

High

EPSS

0.005

Percentile

76.6%

JSON
Related for OSV:CVE-2021-33570
cvelist1packetstorm1exploitdb1zdt1cve1prion1nvd1