Cross-Site Scripting Vulnerability in Bludit by Bludit
CVE-2021-35323

6.1MEDIUM

Key Information:

Vendor

Bludit

Status
Bludit
Vendor
CVE Published:
19 October 2021

What is CVE-2021-35323?

A Cross-Site Scripting (XSS) vulnerability is present in Bludit 3.13.1, allowing attackers to inject malicious scripts via the username field in the admin login portal. This exploitation can lead to unauthorized access and manipulation of user sessions, making it critical for users to update to patched versions to maintain their web security.

References

https://github.com/bludit/bludit/issues/1327
x_refsource_MISC
http://packetstormsecurity.com/files/164990/Bludit-3.13.1...
x_refsource_MISC

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.