← back
CVE-2021-47750

YouPHPTube <= 7.8 - Cross-Site Scripting

CVSS 5.1 MEDIUMEPSS 0.3%CWE-79
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.1EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
13 Jan 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
YouPHPTube <= 7.8 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the redirectUri parameter in the signup page. Attackers can craft special signup URLs with embedded script tags to execute arbitrary JavaScript in victims' browsers when they access the signup page.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
Affected products
YouPHPTube · YouPHPTube

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://web.archive.org/web/20170506141644/https://www.youphptube.com/https://www.exploit-db.com/exploits/51101https://www.vulncheck.com/advisories/youphptube-cross-site-scripting