Cross Site Scripting Vulnerability in Pixelimity by Pixelimity
CVE-2021-42866

4.8MEDIUM

Key Information:

Vendor: Pixelimity
Status: Pixelimity
Vendor: CVE Published:; 31 March 2022

What is CVE-2021-42866?

A Cross Site Scripting vulnerability is present in Pixelimity 1.0, specifically found through manipulation of the Site Description field in the admin settings. This flaw allows remote attackers to inject malicious scripts, which could lead to unauthorized actions and data exposure when users interact with affected areas of the web application.

References

http://rlsec.xyz/vulns/CVE_2021_42866.html

x_refsource_MISC

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 31, 2022
Vulnerability Reserved
Oct 25, 2021