CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-36545

Cross Site Scripting (XSS) vulnerability in tpcms 3.2 allows remote attackers to run arbitrary code via the cfg_copyright or cfg_tel field in Site Configuration page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.7%

CVSS Severity

CVSS v3 Score 5.4

References

https://gitee.com/happy_source/tpcms/issues/I3YUCJ
https://gitee.com/happy_source/tpcms/issues/I3YUCJ

Products affected by CVE-2021-36545

Tpcms Project » Tpcms » Version: 3.2

cpe:2.3:a:tpcms_project:tpcms:3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-36545

Products

Pricing

Contact Us