PT-2022-12386 · Bludit · Bludit
Plsanu
·
Published
2022-01-06
·
Updated
2022-01-07
·
CVE-2021-45745
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Bludit version 3.13.1
Description
A Stored Cross Site Scripting (XSS) issue exists via the About Plugin in the login panel. This allows for malicious scripts to be stored and executed, potentially leading to unauthorized actions.
Recommendations
For Bludit version 3.13.1, update to a version that fixes this issue to prevent stored cross-site scripting attacks. As a temporary workaround, consider restricting access to the About Plugin in the login panel until a patch is available.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Bludit