Stored Cross-Site Scripting (XSS) Vulnerability in Subrion CMS v4.2.1

CVE-2021-41502 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

An issue was discovered in Subrion CMS v4.2.1 There is a stored cross-site scripting (XSS) vulnerability that can execute malicious JavaScript code by modifying the name of the uploaded image, closing the html tag, or adding the onerror attribute.

Learn more about our Cms Pen Testing.