CVE-2021-43334: XSS
First published: Wed Jan 26 2022(Updated: )
BuddyBoss Platform through 1.8.0 allows XSS via the Group Name or Group Description field.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| BuddyBoss | <=1.8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-43334.
What is the severity rating of CVE-2021-43334?
CVE-2021-43334 has a severity rating of medium (5.4).
How does CVE-2021-43334 affect BuddyBoss Platform?
CVE-2021-43334 affects BuddyBoss Platform through version 1.8.0.
How can an attacker exploit CVE-2021-43334?
An attacker can exploit CVE-2021-43334 by injecting malicious code via the Group Name or Group Description field in BuddyBoss Platform.
Are there any known fixes or patches for CVE-2021-43334?
Yes, you can find fixes and patches for CVE-2021-43334 on the BuddyBoss Platform Releases page.
- agent/type
- agent/references
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/buddyboss
- canonical/buddyboss
- version/buddyboss/1.8.0