CVE-2021-39391

Cross Site Scripting (XSS) vulnerability exists in the admin panel in Beego v2.0.1 via the URI path in an HTTP request, which is activated by administrators viewing the "Request Statistics" page.
References
Link Resource
https://github.com/beego/beego Third Party Advisory
https://github.com/beego/beego/issues/4727 Exploit Issue Tracking Patch Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:beego:beego:2.0.1:*:*:*:*:*:*:*

Information

Published : 2021-09-14 11:15

Updated : 2021-09-24 11:49


NVD link : CVE-2021-39391

Mitre link : CVE-2021-39391


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

beego

  • beego