admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/24xxx/CVE-2021-24706.json
Anthony Singleton 938debeed0 Revert "November 2021 Patch Tuesday" 
This reverts commit df296d9e014bf68ef22c0583c98da3fbe42ea316.
2021-11-17 15:47:33 -05:00

75 lines
1.9 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"CVE_data_meta": {
"ID": "CVE-2021-24706",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Qwizcards < 3.62 - Admin+ Stored Cross Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Qwizcards online quizzes and flashcards",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.62",
"version_value": "3.62"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Qwizcards online quizzes and flashcards WordPress plugin before 3.62 does not properly sanitize and escape some of its settings, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/ecddb611-de75-41d5-a470-8fc2cf0780a4",
"name": "https://wpscan.com/vulnerability/ecddb611-de75-41d5-a470-8fc2cf0780a4"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Shivam Rai"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink