CVE-2021-45787

There is a stored Cross Site Scripting (XSS) vulnerability in maccms v10 through adding videos. XSS code can be inserted at parameter positions including name and remarks.
References
Link Resource
https://github.com/magicblack/maccms10/issues/746 Exploit Issue Tracking Patch Third Party Advisory
https://github.com/magicblack/maccms10/issues/746 Exploit Issue Tracking Patch Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:maccms:maccms:10.0:-:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.03.15:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.03.21:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.04.02:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.05.01:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.05.02.1005:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.05.03.0000:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.05.04.1320:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.05.07.1213:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.05.08.2020:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.05.09.1320:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.05.11.2300:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.05.15.1403:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.05.17.1050:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.05.22.1338:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.05.30.1007:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.06.04.1510:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.06.08.1339:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.06.12.1430:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.06.15.0910:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.06.29.1425:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.07.29.1010:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.08.14.0955:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.08.24.1355:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.08.25.1120:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.09.03.0920:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.09.14.0850:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.09.28.0950:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.10.09.1333:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.10.13.1025:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.10.22.1200:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.10.31.1340:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.11.18.0920:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.12.05.0950:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2018.12.13.2151:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.00.00.1001:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.00.00.1002:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.00.00.1003:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.00.00.1004:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.00.00.1005:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.00.00.1006:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.00.00.1007:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.00.00.1008:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.01.19.1001:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.0101.1001:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.02.23.0850:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.03.06.1617:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.1000.1009:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.1000.1010:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.1000.1011:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.1000.1012:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.1000.1013:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.1000.1014:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.1000.1015:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.1000.1016:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.1000.1017:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2019.1000.1018:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1019:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1020:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1021:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1022:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1023:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1024:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1025:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1027:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1029:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1031:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1032:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1033:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1034:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1035:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1039:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1042:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1051:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1060:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1062:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1068:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1068b:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1069:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1074:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1075:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1080:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2020.1000.1081:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2021.1000.1081:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2022.1000.1099:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2022.1000.3001:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2022.1000.3002:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2022.1000.3004:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2022.1000.3005:*:*:*:*:*:*
cpe:2.3:a:maccms:maccms:10.0:2022.1000.3025:*:*:*:*:*:*

History

21 Nov 2024, 06:33

Type Values Removed Values Added
References () https://github.com/magicblack/maccms10/issues/746 - Exploit, Issue Tracking, Patch, Third Party Advisory () https://github.com/magicblack/maccms10/issues/746 - Exploit, Issue Tracking, Patch, Third Party Advisory

Information

Published : 2022-03-16 13:15

Updated : 2024-11-21 06:33


NVD link : CVE-2021-45787

Mitre link : CVE-2021-45787

CVE.ORG link : CVE-2021-45787


JSON object : View

Products Affected

maccms

  • maccms
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')