CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-35265

A reflected cross-site scripting (XSS) vulnerability in MaxSite CMS before V106 via product/page/* allows remote attackers to inject arbitrary web script to a page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.053

EPSS Ranking 89.6%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://github.com/maxsite/cms/commit/6b0ab1de9f3d471485d1347e800a9ce43fedbf1a
https://github.com/maxsite/cms/issues/414#issue-726249183
https://github.com/maxsite/cms/commit/6b0ab1de9f3d471485d1347e800a9ce43fedbf1a
https://github.com/maxsite/cms/issues/414#issue-726249183

Products affected by CVE-2021-35265

Maxsite » Maxsite Cms » Version: Any

cpe:2.3:a:maxsite:maxsite_cms:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-35265

Products

Pricing

Contact Us