CVE-2021-28418

A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category" parameter.
References
Link Resource
https://github.com/seopanel/Seo-Panel/issues/207 Exploit Issue Tracking Third Party Advisory
http://packetstormsecurity.com/files/162914/Seo-Panel-4.8.0-Cross-Site-Scripting.html Exploit Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:seopanel:seo_panel:4.8.0:*:*:*:*:*:*:*

Information

Published : 2021-03-18 05:15

Updated : 2021-12-03 10:01


NVD link : CVE-2021-28418

Mitre link : CVE-2021-28418


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

seopanel

  • seo_panel