PT-2026-2359 · Unknown · Youphptube
Rafael Pedrero
·
Published
2026-01-13
·
Updated
2026-01-14
·
CVE-2021-47750
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
YouPHPTube versions prior to 7.9
Description
The software contains a cross-site scripting issue that allows attackers to inject malicious scripts. This is achieved by manipulating the
redirectUri parameter within the signup page. Successful exploitation results in the execution of arbitrary JavaScript code in the browsers of users who access the crafted signup URL.Recommendations
Update YouPHPTube to version 7.9 or later.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Youphptube