CVE-2021-39420 · Vexday

CVE-2021-39420

EPSS 0.6%

Multiple Cross Site Scripting (XSS) vulnerabilities exist in VFront 0.99.5 via the (1) s parameter in search_all.php and the (2) msg parameter in add.attach.php.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://sisl.lab.uic.edu/projects/chess/vfront0-99-5/