CVE-2021-35438

CVE-2021-35438

EPSS 1.0%

phpIPAM 1.4.3 allows Reflected XSS via app/dashboard/widgets/ipcalc-result.php and app/tools/ip-calculator/result.php of the IP calculator.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/MarkLee131/awesome-web-pocs/blob/main/CVE-2021-35438.md https://github.com/phpipam/phpipam/issues/3351