Lucene search
+L

4 matches found

OSV
OSV
added 2021/11/16 10:15 a.m.16 views

CVE-2021-25982

In Factor App Framework & Headless CMS forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting XSS at the “search” parameter in the URL. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies...

6.1CVSS6.1AI score0.00733EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2021/11/16 9:45 a.m.6 views

CVE-2021-25982 FactorJS - Reflected Cross-Site Scripting (XSS) in Search Functionality

In Factor App Framework & Headless CMS forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting XSS at the “search” parameter in the URL. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies...

6.1CVSS6.2AI score0.00733EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/11/16 9:45 a.m.29 views

CVE-2021-25982 FactorJS - Reflected Cross-Site Scripting (XSS) in Search Functionality

In Factor App Framework & Headless CMS forum plugin, versions 1.3.5 to 1.8.30, are vulnerable to reflected Cross-Site Scripting XSS at the “search” parameter in the URL. An unauthenticated attacker can execute malicious JavaScript code and steal the session cookies...

6.1CVSS6.2AI score0.00733EPSS
Exploits0References2
CVE
CVE
added 2021/11/16 9:45 a.m.43 views

CVE-2021-25982

CVE-2021-25982 affects FactorJS - Factor (App Framework & Headless CMS) forum plugin, versions 1.3.5 to 1.8.30. The flaw is a reflected Cross-Site Scripting (XSS) vulnerability in the URL’s search parameter, allowing an unauthenticated attacker to inject and execute JavaScript and potentially ste...

6.1CVSS6.1AI score0.00733EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder