cb
cvebase
.
~
/
products
/
tiny
/
plupload
Search CVEs, products, detections…
⌘K
pipeline live
Digest
Docs
Home
/
Products
/
tiny
/
Tiny Plupload
Tiny Plupload vulnerabilities
1 known vulnerability affecting
tiny/plupload
.
Track
Version
All versions
Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
HIGH
1
Vulnerabilities
Sort
Most important
Highest Priority
Highest EPSS
Highest CVSS
Newest
Oldest
Page 1 of 1
CVE-2021-23562
P2
HIGH
CVSS 8.8
Exploited
fixed in 2.3.9
·
≥ unspecified, < 2.3.9
2021-12-03
CVE-2021-23562 [HIGH] CWE-434 CVE-2021-23562: This affects the package plupload before 2.3.9. A file name containing JavaScript code could be uplo This affects the package plupload before 2.3.9. A file name containing JavaScript code could be uploaded and run. An attacker would need to trick a user to upload this kind of file.
ghsa
nvd
osv
Tiny Plupload vulnerabilities | cvebase