CVE-2021-3785: Cross-site Scripting (XSS) - Stored in yourls/yourls
First published: Wed Sep 15 2021(Updated: )
yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Credit: security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Yourls Yourls | <1.8.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this security vulnerability?
The vulnerability ID for this security vulnerability is CVE-2021-3785.
What is the severity of CVE-2021-3785?
The severity of CVE-2021-3785 is high with a severity score of 5.4.
What is the affected software in CVE-2021-3785?
The affected software in CVE-2021-3785 is Yourls version up to and exclusive 1.8.2.
What is the CWE ID for CVE-2021-3785?
The CWE ID for CVE-2021-3785 is CWE-79.
How do I fix CVE-2021-3785?
To fix CVE-2021-3785, it is recommended to update Yourls to a version higher than or equal to 1.8.2.
- collector/nvd-index
- agent/type
- agent/references
- agent/remedy
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/yourls
- canonical/yourls yourls