Vulnerability Details CVE-2021-33496
Dutchcoders transfer.sh before 1.2.4 allows XSS via an inline view.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.5%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://github.com/dutchcoders/transfer.sh/commit/9df18fdc69de2e71f30d8c1e6bfab2fda2e52eb4
- https://github.com/dutchcoders/transfer.sh/pull/373
- https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4
- https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4
- https://vuln.ryotak.me/advisories/43
- https://github.com/dutchcoders/transfer.sh/commit/9df18fdc69de2e71f30d8c1e6bfab2fda2e52eb4
- https://github.com/dutchcoders/transfer.sh/pull/373
- https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4
- https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4
- https://vuln.ryotak.me/advisories/43
Products affected by CVE-2021-33496
-
cpe:2.3:a:dutchcoders:transfer.sh:-
-
cpe:2.3:a:dutchcoders:transfer.sh:1.0.0
-
cpe:2.3:a:dutchcoders:transfer.sh:1.1.0
-
cpe:2.3:a:dutchcoders:transfer.sh:1.1.1
-
cpe:2.3:a:dutchcoders:transfer.sh:1.1.2
-
cpe:2.3:a:dutchcoders:transfer.sh:1.1.3
-
cpe:2.3:a:dutchcoders:transfer.sh:1.1.4
-
cpe:2.3:a:dutchcoders:transfer.sh:1.1.5
-
cpe:2.3:a:dutchcoders:transfer.sh:1.1.6
-
cpe:2.3:a:dutchcoders:transfer.sh:1.1.7
-
cpe:2.3:a:dutchcoders:transfer.sh:1.2.0
-
cpe:2.3:a:dutchcoders:transfer.sh:1.2.1
-
cpe:2.3:a:dutchcoders:transfer.sh:1.2.2
-
cpe:2.3:a:dutchcoders:transfer.sh:1.2.3