The Simple Blog plugin in Wondercms 3.4.1 is vulnerable to stored cross-site scripting (XSS) vulnerability. When any user opens a particular blog hosted on an attackers' site, XSS may occur.
References
Link | Resource |
---|---|
https://hackerone.com/reports/485748 | Exploit Third Party Advisory |
https://hackerone.com/reports/647130 | Exploit Third Party Advisory |
https://hackerone.com/reports/961046 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-05-23T18:04:14
Updated: 2022-05-23T18:04:14
Reserved: 2021-10-11T00:00:00
Link: CVE-2021-42233
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-05-23T19:16:07.377
Modified: 2022-06-03T15:26:37.683
Link: CVE-2021-42233
JSON object: View
Redhat Information
No data.
CWE