Skip to main content
CVE-2021-27279 MEDIUM POC PATCH This Month

MyBB before 1.8.25 allows stored XSS via nested [email] tags with MyCode (aka BBCode). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Mybb
NVD GitHub
CVSS 3.1
5.4
EPSS
1.0%
CVE-2021-27564 MEDIUM POC This Month

A stored XSS issue exists in Appspace 6.2.4. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Appspace
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-27559 MEDIUM POC This Month

The Contact page in Monica 2.19.1 allows stored XSS via the Nickname field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Monica
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-27371 MEDIUM POC This Month

The Contact page in Monica 2.19.1 allows stored XSS via the Description field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Monica
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-27370 MEDIUM POC This Month

The Contact page in Monica 2.19.1 allows stored XSS via the Last Name field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Monica
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
3.3%
CVE-2021-27369 MEDIUM POC This Month

The Contact page in Monica 2.19.1 allows stored XSS via the Middle Name field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Monica
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-27368 MEDIUM POC This Month

The Contact page in Monica 2.19.1 allows stored XSS via the First Name field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Monica
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-27549 MEDIUM POC This Month

Genymotion Desktop through 3.2.0 leaks the host's clipboard data to the Android application by default. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Information Disclosure Genymotion Desktop
NVD GitHub
CVSS 3.1
5.3
EPSS
1.1%
CVE-2021-27515 MEDIUM POC PATCH This Month

url-parse before 1.5.0 mishandles certain uses of backslash such as http:\/ and interprets the URI as a relative path. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Url Parse
NVD GitHub
CVSS 3.1
5.3
EPSS
2.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy