← volver
CVE-2021-47750

YouPHPTube <= 7.8 - Cross-Site Scripting

CVSS 5.1 MEDIUMEPSS 0.3%CWE-79
YouPHPTube <= 7.8 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the redirectUri parameter in the signup page. Attackers can craft special signup URLs with embedded script tags to execute arbitrary JavaScript in victims' browsers when they access the signup page.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
Productos afectados
YouPHPTube · YouPHPTube

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://web.archive.org/web/20170506141644/https://www.youphptube.com/https://www.exploit-db.com/exploits/51101https://www.vulncheck.com/advisories/youphptube-cross-site-scripting