An issue was discovered in JPress v3.3.0 and below. There are XSS vulnerabilities in the template module and tag management module. If you log in to the background by means of weak password, the storage XSS vulnerability can occur.
References
Link | Resource |
---|---|
https://github.com/JPressProjects/jpress/issues/152 | Exploit Issue Tracking Third Party Advisory |
https://github.com/JPressProjects/jpress/issues/152#issuecomment-850119847 | Exploit Issue Tracking Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-06-18T10:43:25
Updated: 2021-06-18T10:43:25
Reserved: 2021-05-20T00:00:00
Link: CVE-2021-33347
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-18T11:15:08.683
Modified: 2021-06-21T21:55:52.667
Link: CVE-2021-33347
JSON object: View
Redhat Information
No data.
CWE