PT-2022-11670 · Unknown · Studygolang

Published

2022-12-21

Updated

2022-12-29

CVE-2021-4272

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions studygolang (affected versions not specified)

Description A problematic vulnerability has been found in studygolang, affecting an unknown part of the file static/js/topics.js. The manipulation of the contentHtml argument leads to cross-site scripting. It is possible to initiate the attack remotely.

Recommendations To fix this issue, it is recommended to apply a patch with the name 0fb30f9640bd5fa0cae58922eac6c00bb1a94391. As a temporary workaround, consider restricting the manipulation of the contentHtml argument to minimize the risk of exploitation.

Fix

XSS

Improper Neutralization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-707

Related Identifiers

CVE-2021-4272

GHSA-GW62-C7W4-X449

Affected Products

Studygolang

PT-2022-11670 · Unknown · Studygolang

CVE-2021-4272

Weakness Enumeration

Related Identifiers

Affected Products

References · 8