CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-43440

Multiple Stored XSS Vulnerabilities in the Source Code of iOrder 1.0 allow remote attackers to execute arbitrary code via signup form in the Name and Phone number field.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.9%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://github.com/MartDevelopers-Inc/Order_Processing_MIS
https://medium.com/%40mayhem7999/cve-2021-43439-d04781bca6ce
https://github.com/MartDevelopers-Inc/Order_Processing_MIS
https://medium.com/%40mayhem7999/cve-2021-43439-d04781bca6ce

Products affected by CVE-2021-43440

Iorder Project » Iorder » Version: 1.0

cpe:2.3:a:iorder_project:iorder:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-43440

Products

Pricing

Contact Us