← voltar
CVE-2021-3783

Cross-site Scripting (XSS) - Reflected in yourls/yourls

CVSS 6.6 MEDIUMEPSS 0.7%CWE-79
yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
yourls · yourls/yourls

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/yourls/yourls/commit/94f6bab91182142c96ff11f481585b445449efd4https://huntr.dev/bounties/b688e553-d0d9-4ddf-95a3-ff4b78004984