← voltar
CVE-2021-24468

Leaflet Map < 3.0.0 - Contributor+ Stored XSS

EPSS 0.6%CWE-79
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 0.6%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
02 ago 2021Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
The Leaflet Map WordPress plugin before 3.0.0 does not escape some shortcode attributes before they are used in JavaScript code or HTML, which could allow users with a role as low as Contributors to exploit stored XSS issues
Produtos afetados
Unknown · Leaflet Map