Lucene search
K

4 matches found

Circl
Circl
added 2024/11/15 10:54 a.m.14 views

CVE-2021-3741

creationtimestamp| type| source ---|---|--- 2024-11-15 10:54:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113486597696670459 2024-11-15 13:15:50+00:00| seen| https://t.me/cvedetector/11072...

7.8CVSS7.5AI score0.00285EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/15 10:51 a.m.9 views

CVE-2021-3741 Stored Cross-site Scripting (XSS) in chatwoot/chatwoot

A stored cross-site scripting XSS vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.6. The vulnerability occurs when a user uploads an SVG file containing a malicious XSS payload in the profile settings. When the avatar is opened in a new page, the custom...

7.8CVSS5.1AI score0.00285EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/15 10:51 a.m.25 views

CVE-2021-3741 Stored Cross-site Scripting (XSS) in chatwoot/chatwoot

A stored cross-site scripting XSS vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.6. The vulnerability occurs when a user uploads an SVG file containing a malicious XSS payload in the profile settings. When the avatar is opened in a new page, the custom...

7.8CVSS0.00285EPSS
Exploits0References2
CVE
CVE
added 2024/11/15 10:51 a.m.49 views

CVE-2021-3741

Chatwoot stored XSS vulnerability (CVE-2021-3741) affecting chatwoot/chatwoot versions prior to 2.6.0. The issue arises from uploading an SVG file containing a malicious XSS payload in Profile Settings; when the avatar is opened, the injected JavaScript executes. Impact is described as execution ...

7.8CVSS5.9AI score0.00285EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder