CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Textpattern: >> Textpattern >> 4.9.0 Security Vulnerabilities

CVE-2021-28002

A persistent cross-site scripting vulnerability was discovered in the Excerpt parameter in Textpattern CMS 4.9.0 which allows remote attackers to execute arbitrary code via a crafted payload entered into the URL field. The vulnerability is triggered by users visiting the 'Articles' page.

CVSS Score

5.4

EPSS Score

0.002

Published

2021-08-19

Page 1

Vulnerabilities

Vulnerable Software

Textpattern: >> Textpattern >> 4.9.0 Security Vulnerabilities

Products

Pricing

Contact Us