CVE-2021-41951
62Vexday Risk Score
Patch now. It exploitation observed by VulnCheck and has a working public exploit.
ssvc Actepss 78%
from disclosure to weapon
Published on NVDNov 15
VulnCheck+197d
exploitation probability
78%top 1% of all CVEs
observed exploitation
yesVulnCheck
ResourceSpace before 9.6 rev 18290 is affected by a reflected Cross-Site Scripting vulnerability in plugins/wordpress_sso/pages/index.php via the wordpress_user parameter. If an attacker is able to persuade a victim to visit a crafted URL, malicious JavaScript content may be executed within the context of the victim's browser.
Affected products
n/a · n/a