Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:33 p.m.6 views

CVE-2021-28088

Cross-site scripting XSS in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field...

5.4CVSS6AI score0.00867EPSS
Exploits1References1
NVD
NVD
added 2021/03/11 5:15 p.m.17 views

CVE-2021-28088

Cross-site scripting XSS in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field...

5.4CVSS0.00867EPSS
Exploits1References2
OSV
OSV
added 2021/03/11 5:15 p.m.12 views

CVE-2021-28088

Cross-site scripting XSS in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field...

5.4CVSS6AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/03/11 5:15 p.m.2 views

CVE-2021-28088

Cross-site scripting XSS in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field...

5.4CVSS5.7AI score0.00867EPSS
Exploits1References3
CVE
CVE
added 2021/03/11 4:23 p.m.50 views

CVE-2021-28088

ImpressCMS 1.4.2 is affected by a Cross-site Scripting (XSS) vulnerability in modules/content/admin/content.php, exploitable via the Display Name field. The root cause described across sources is inadequate input filtering in the Display Name parameter, enabling an attacker to inject arbitrary we...

5.4CVSS5.4AI score0.00867EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder