Lucene search
K

4 matches found

circl
circl
added 2024/11/15 10:54 a.m.12 views

CVE-2021-3741

creationtimestamp| type| source ---|---|--- 2024-11-15 10:54:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113486597696670459 2024-11-15 13:15:50+00:00| seen| https://t.me/cvedetector/11072...

7.8CVSS7.5AI score0.00285EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/11/15 10:51 a.m.9 views

CVE-2021-3741 Stored Cross-site Scripting (XSS) in chatwoot/chatwoot

A stored cross-site scripting XSS vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.6. The vulnerability occurs when a user uploads an SVG file containing a malicious XSS payload in the profile settings. When the avatar is opened in a new page, the custom...

7.8CVSS5.1AI score0.00285EPSS
Exploits0References2
cvelist
cvelist
added 2024/11/15 10:51 a.m.24 views

CVE-2021-3741 Stored Cross-site Scripting (XSS) in chatwoot/chatwoot

A stored cross-site scripting XSS vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.6. The vulnerability occurs when a user uploads an SVG file containing a malicious XSS payload in the profile settings. When the avatar is opened in a new page, the custom...

7.8CVSS0.00285EPSS
Exploits0References2
cve
cve
added 2024/11/15 10:51 a.m.49 views

CVE-2021-3741

Chatwoot stored XSS vulnerability (CVE-2021-3741) affecting chatwoot/chatwoot versions prior to 2.6.0. The issue arises from uploading an SVG file containing a malicious XSS payload in Profile Settings; when the avatar is opened, the injected JavaScript executes. Impact is described as execution ...

7.8CVSS5.9AI score0.00285EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder