Skip to main content
CVE-2021-3340 MEDIUM This Month

A cross-site scripting (XSS) vulnerability in many forms of Wikindx before 5.7.0 and 6.x through 6.4.0 allows remote attackers to inject arbitrary web script or HTML via the message parameter to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Wikindx
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-3350 MEDIUM This Month

deleteaccount.php in the Delete Account plugin 1.4 for MyBB allows XSS via the deletereason parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Delete Account
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-3024 MEDIUM This Month

HashiCorp Vault and Vault Enterprise disclosed the internal IP address of the Vault node when responding to some invalid, unauthenticated HTTP requests. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hashicorp Vault
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2021-21266 MEDIUM PATCH This Month

openHAB is a vendor and technology agnostic open source automation software for your home. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Openhab
NVD GitHub
CVSS 3.1
5.0
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy