CVE-2021-3831
Cross-site Scripting (XSS) - Reflected in gnuboard/gnuboard5
Vexday Risk Score
36Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 7.1EPSS 1.8%KEV nãoPoC —Nuclei simMetasploit —Patch —
Lifecycle
14 Dec 2021Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
gnuboard5 is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Affected products
gnuboard · gnuboard/gnuboard5Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →