Cross Site Scripting Vulnerability in Maccms v10 by Maccms Pro
CVE-2021-43707

6.1MEDIUM

Key Information:

Vendor: Maccms
Status: Maccms
Vendor: CVE Published:; 31 March 2022

What is CVE-2021-43707?

A Cross Site Scripting (XSS) vulnerability was identified in Maccms version 10, which allows attackers to inject malicious scripts through the link_Name parameter. This can lead to unauthorized actions and potential data compromise for users interacting with the affected application. It is essential for administrators to apply necessary patches and validate input to mitigate these types of security risks.

References

https://github.com/maccmspro/maccms10/issues/18

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 31, 2022
Vulnerability Reserved
Nov 15, 2021

CVE-2021-43707 Data

JSON