CVE-2021-4274

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions sileht bird-lg (affected versions not specified)

Description A problematic issue has been found in the processing of the file templates/layout.html, where the manipulation of the request args argument leads to cross-site scripting. The attack can be initiated remotely.

Recommendations To fix this issue, it is recommended to apply a patch with the name ef6b32c527478fefe7a4436e10b96ee28ed5b308. As a temporary workaround, consider restricting the manipulation of the request args argument to minimize the risk of exploitation.

Fix

XSS

Improper Neutralization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79CWE-707

Related Identifiers

CVE-2021-4274

Affected Products

Sileht Bird-Lg

CVE-2021-4274

Weakness Enumeration

Related Identifiers

Affected Products

References · 6