WEB APPLICATION VULNERABILITIES Standard & Premium

Seo Panel Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-29009)

Description

A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php in the "type" parameter.

Remediation

References

Related Vulnerabilities

WordPress Plugin Advanced Custom Fields PRO Multiple Security Bypass Vulnerabilities (5.10)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46731)

WordPress Plugin Book appointment online Cross-Site Scripting (1.38)

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-0145)

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-3829)

Severity

Medium

Classification

CVE-2021-29009 CWE-707 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities