CVE-2021-45843
published 2022-09-29CVE-2021-45843: glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting (XSS) vulnerability. The value of the title request parameter is copied into the value of…
PriorityP422medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
0.66%
46.8th percentile
glFusion CMS v1.7.9 is affected by a reflected Cross Site Scripting (XSS) vulnerability. The value of the title request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. This input was echoed unmodified in the application's response.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| glfusion | glfusion | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-09-29
Published