Lucene search
GoogleOSV:CVE-2021-44116HistoryDec 15, 2021 - 10:15 p.m.
CVE-2021-44116
2021-12-1522:15:07
Google
osv.dev
5
Cross Site Scripting (XSS) vulnerability exits in Anchor CMS <=0.12.7 in posts.php. Attackers can use the posts column to upload the title and content containing malicious code to achieve the purpose of obtaining the administrator cookie, thereby achieving other malicious operations.
| CPE | Name | Operator | Version |
|---|---|---|---|
| anchor-cms | eq | 0.8.2 | |
| anchor-cms | eq | 0.9.1 | |
| anchor-cms | eq | 0.12.1 | |
| anchor-cms | eq | 0.12 | |
| anchor-cms | eq | 0.9.3-b | |
| anchor-cms | eq | 0.4 | |
| anchor-cms | eq | 0.9 | |
| anchor-cms | eq | 0.12.3 | |
| anchor-cms | eq | 0.5 | |
| anchor-cms | eq | 0.9.3-a |
Related
cve
cve
CVE-2021-44116
2021-12-15 22:15:07
cnvd
cnvd
Anchor Cross-Site Scripting Vulnerability (CNVD-2021-103514)
2021-12-17 00:00:00
prion
prion
Cross site scripting
2021-12-15 22:15:00
gitlab
gitlab
veracode
veracode
Cross-Site Scripting (XSS)
2021-12-16 06:00:40
cvelist
cvelist
CVE-2021-44116
2021-12-15 22:00:46
osv
osv
Cross-site Scripting in Anchor CMS
2022-01-05 14:54:36
nvd
nvd
CVE-2021-44116
2021-12-15 22:15:07
github
github
Cross-site Scripting in Anchor CMS
2022-01-05 14:54:36