CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-39420

Multiple Cross Site Scripting (XSS) vulnerabilities exist in VFront 0.99.5 via the (1) s parameter in search_all.php and the (2) msg parameter in add.attach.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://sisl.lab.uic.edu/projects/chess/vfront0-99-5/
https://sisl.lab.uic.edu/projects/chess/vfront0-99-5/

Products affected by CVE-2021-39420

Vfront » Vfront » Version: 0.99.5

cpe:2.3:a:vfront:vfront:0.99.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-39420

Products

Pricing

Contact Us