CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-47808

Cotonti Siena 0.9.19 contains a stored cross-site scripting vulnerability in the admin configuration panel's site title parameter. Attackers can inject malicious JavaScript code through the 'maintitle' parameter to execute scripts when administrators view the page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 8.4%

CVSS Severity

CVSS v3 Score 7.2

References

https://cotonti.com
https://www.cotonti.com/download/
https://www.exploit-db.com/exploits/50016
https://www.vulncheck.com/advisories/cotonti-siena-maintitle-stored-cross-site-scripting
https://www.exploit-db.com/exploits/50016

Products affected by CVE-2021-47808

Cotonti » Cotonti Siena » Version: 0.9.19

cpe:2.3:a:cotonti:cotonti_siena:0.9.19

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-47808

Products

Pricing

Contact Us