← voltar
CVE-2021-47750

YouPHPTube <= 7.8 - Cross-Site Scripting

CVSS 5.1 MEDIUMEPSS 0.3%CWE-79
YouPHPTube <= 7.8 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the redirectUri parameter in the signup page. Attackers can craft special signup URLs with embedded script tags to execute arbitrary JavaScript in victims' browsers when they access the signup page.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
Produtos afetados
YouPHPTube · YouPHPTube

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://web.archive.org/web/20170506141644/https://www.youphptube.com/https://www.exploit-db.com/exploits/51101https://www.vulncheck.com/advisories/youphptube-cross-site-scripting