CVE-2021-35361

2021-07-0922:15:08

Google

osv.dev

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.1%

JSON

A reflected cross site scripting (XSS) vulnerability in dotAdmin/#/c/links of dotCMS 21.05.1 allows attackers to execute arbitrary commands or HTML via a crafted payload.

CPENameOperatorVersion
coreeq3.5
coreeq3.5_Preview02
coreeq21.05
coreeq5.3.7
coreeq20.10.1
coreeq3.2
coreeq3.6.1
coreeq5.3.2
coreeqpre3.5buildrevert
coreeq21.05.1