PT-2021-22274 · Imgurl · Imgurl

Mcblog

Published

2021-08-16

Updated

2021-08-30

CVE-2021-38713

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions imgURL version 2.31

Description The issue allows for XSS (Cross-Site Scripting) attacks via the X-Forwarded-For HTTP header.

Recommendations For imgURL version 2.31, consider restricting access to the X-Forwarded-For HTTP header to minimize the risk of XSS attacks until a patch is available.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2021-38713

GHSA-F2RP-J8HV-G5GX

Affected Products

Imgurl

PT-2021-22274 · Imgurl · Imgurl

CVE-2021-38713

Weakness Enumeration

Related Identifiers

Affected Products

References · 7