1 results (0.001 seconds)
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2021-46875
https://notcve.org/view.php?id=CVE-2021-46875
An issue was discovered in eZ Platform Ibexa Kernel before 1.3.1.1. An XSS attack can occur because JavaScript code can be uploaded in a .html or .js file. • https://github.com/ezsystems/ezpublish-kernel/commit/29fecd2afe86f763510f10c02f14962d028f311b https://github.com/ezsystems/ezpublish-kernel/security/advisories/GHSA-mrvj-7q4f-5p42 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •