A Cross Site Scripting (XSS) vulnerability exists in DanPros htmly 2.8.1 via the Description field in (1) admin/config, and (2) index.php pages.
References
Link | Resource |
---|---|
http://rlsec.xyz/vulns/CVE_2021_42867.html | Exploit Third Party Advisory |
https://rlsec.xyz/vulns/ | Third Party Advisory |
Configurations
Information
Published : 2022-03-31 11:15
Updated : 2022-04-07 06:17
NVD link : CVE-2021-42867
Mitre link : CVE-2021-42867
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
htmly
- htmly