Vulnerability Details CVE-2021-41502
An issue was discovered in Subrion CMS v4.2.1 There is a stored cross-site scripting (XSS) vulnerability that can execute malicious JavaScript code by modifying the name of the uploaded image, closing the html tag, or adding the onerror attribute.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.8%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2021-41502
-
cpe:2.3:a:intelliants:subrion_cms:4.2.1