CVE-2021-47750

YouPHPTube <= 7.8 - Cross-Site Scripting

CVSS 5.1 MEDIUMEPSS 0.3%CWE-79

Vexday Risk Score

13Baixo

Decisão SSVC (CISA)

Track

Sem sinal de exploração → monitorar

CVSS 5.1EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

13 jan 2026Publicada no NVD

Recomendação: Monitorar — sem sinal de exploração no momento.

YouPHPTube <= 7.8 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the redirectUri parameter in the signup page. Attackers can craft special signup URLs with embedded script tags to execute arbitrary JavaScript in victims' browsers when they access the signup page.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Produtos afetados

YouPHPTube · YouPHPTube

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://web.archive.org/web/20170506141644/https://www.youphptube.com/https://www.exploit-db.com/exploits/51101 https://www.vulncheck.com/advisories/youphptube-cross-site-scripting