and execute JavaScript code on t","datePublished":"2021-05-28T20:20:17+00:00","dateModified":"2024-08-03T23:25:30.989000+00:00","inLanguage":"pt","author":{"@type":"Organization","name":"Vexday"},"publisher":{"@type":"Organization","name":"Vexday","url":"https://vexday.io"},"mainEntityOfPage":"https://vexday.io/pt/cve/CVE-2021-32616","keywords":"CVE-2021-32616, CWE-79","breadcrumb":{"@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Início","item":"https://vexday.io/pt"},{"@type":"ListItem","position":2,"name":"CVE-2021-32616"}]}}← voltar

CVE-2021-32616

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in 1CDN

CVSS 8.1 HIGHEPSS 0.7%CWE-79

1CDN is open-source file sharing software. In 1CDN before commit f88a2730fa50fc2c2aeab09011f6f142fd90ec25, there is a basic cross-site scripting vulnerability that allows an attacker to inject /<script>//code</script> and execute JavaScript code on the client side.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Produtos afetados

onedotprojects · cdn

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/onedotprojects/cdn/commit/f88a2730fa50fc2c2aeab09011f6f142fd90ec25https://github.com/onedotprojects/cdn/security/advisories/GHSA-g5c4-48rw-hjgh