Lucene search
+L

4 matches found

osv
osv
added 2021/11/16 10:15 a.m.16 views

CVE-2021-25982

In Factor App Framework & Headless CMS forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting XSS at the “search” parameter in the URL. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies...

6.1CVSS6.1AI score0.00733EPSS
Exploits0References2
cvelist
cvelist
added 2021/11/16 9:45 a.m.29 views

CVE-2021-25982 FactorJS - Reflected Cross-Site Scripting (XSS) in Search Functionality

In Factor App Framework & Headless CMS forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting XSS at the “search” parameter in the URL. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies...

6.1CVSS6.2AI score0.00733EPSS
Exploits0References2
cve
cve
added 2021/11/16 9:45 a.m.42 views

CVE-2021-25982

CVE-2021-25982 affects FactorJS - Factor (App Framework & Headless CMS) forum plugin, versions 1.3.5 to 1.8.30. The flaw is a reflected Cross-Site Scripting (XSS) vulnerability in the URL’s search parameter, allowing an unauthenticated attacker to inject and execute JavaScript and potentially ste...

6.1CVSS6.1AI score0.00733EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2021/11/16 9:45 a.m.6 views

CVE-2021-25982 FactorJS - Reflected Cross-Site Scripting (XSS) in Search Functionality

In Factor App Framework & Headless CMS forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting XSS at the “search” parameter in the URL. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies...

6.1CVSS6.2AI score0.00733EPSS
Exploits0References2
Rows per page
Query Builder