CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-25204

Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTM via the subject field to feedback_process.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.8%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

https://github.com/BigTiger2020/E-Commerce-Website/blob/main/E-Commerce%20Website-xss.md
https://github.com/BigTiger2020/E-Commerce-Website/blob/main/E-Commerce%20Website-xss.md

Products affected by CVE-2021-25204

E-Commerce Website Project » E-Commerce Website » Version: 1.0

cpe:2.3:a:e-commerce_website_project:e-commerce_website:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25204

Products

Pricing

Contact Us