Mend Vulnerability Database
What is a CVE vulnerability ID? What is a WS vulnerability ID?New vulnerability? Tell us about it!
We found results for “”
Date: November 16, 2021
PoC DetailsAccess the application by going to http://localhost:3000. Reflected XSS occurs at 2 parameters: category and tags. Paste the given urls in the browser which will trigger the XSS.
Affected Environments1.3.8 to 1.8.30
Good to know:
No fix version available
|Attack Vector (AV):||Network|
|Attack Complexity (AC):||Low|
|Privileges Required (PR):||None|
|User Interaction (UI):||Required|
|Access Vector (AV):||Network|
|Access Complexity (AC):||Medium|