4 matches found
CVE-2021-23824
creationtimestamp| type| source ---|---|--- 2022-01-13 18:18:28+00:00| seen| https://t.me/cibsecurity/35413...
CVE-2021-23824
This affects the package Crow before 0.3+4. When using attributes without quotes in the template, an attacker can manipulate the input to introduce additional attributes, potentially executing code. This may lead to a Cross-site Scripting XSS vulnerability, assuming an attacker can influence the...
CVE-2021-23824
The CVE-2021-23824 entry concerns Crow (C/C++ micro-framework). Concrete details across connected sources show thatCrow before 0.3+4 is vulnerable when rendering templates that interpolate attributes without quotes; an attacker can inject attributes to manipulate input, enabling Cross‑site Script...
CVE-2021-23824 Content Injection
This affects the package Crow before 0.3+4. When using attributes without quotes in the template, an attacker can manipulate the input to introduce additional attributes, potentially executing code. This may lead to a Cross-site Scripting XSS vulnerability, assuming an attacker can influence the...