Lucene search
GoogleOSV:GHSA-WMH9-X28J-C6GRHistoryMay 24, 2022 - 10:29 p.m.
Cross site scripting in publify
2022-05-2422:29:03
Google
osv.dev
6
0.001 Low
EPSS
Percentile
19.5%
In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A user with a “publisher” role is able to inject and execute arbitrary JavaScript code while creating a page/article.
Related
cvelist
cvelist
CVE-2021-25974 Publify - Stored Cross-Site Scripting (XSS) in Editor
2021-11-10 11:10:12
cve
cve
CVE-2021-25974
2021-11-10 11:15:07
osv
osv
CVE-2021-25974
2021-11-10 11:15:07
BIT-publify-2021-25974
2024-03-06 11:04:29
Cross site scripting in publify
2022-05-24 22:28:08
github
github
Cross site scripting in publify
2022-05-24 22:29:03
veracode
veracode
Cross-site Scripting (XSS)
2021-11-11 04:13:52
prion
prion
Design/Logic Flaw
2021-11-10 11:15:00
nvd
nvd
CVE-2021-25974
2021-11-10 11:15:07