Vulnerability Database
Blog
FAQ
Docs
CVE-2021-25295
See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-25295
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25295.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-25295
Published
2021-01-18T06:15:13Z
Modified
2024-09-03T03:44:38.681287Z
Severity
6.1 (Medium)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS Calculator
Summary
[none]
Details
OpenCATS through 0.9.5-3 has multiple Cross-site Scripting (XSS) issues.
References
https://www.opencats.org/news/
https://github.com/snoopysecurity/snoopysecurity.github.io/blob/master/web-application-security/2021/01/16/09_opencats_php_object_injection.html
https://snoopysecurity.github.io/web-application-security/2021/01/16/09_opencats_php_object_injection.html
Affected packages
Git
/
github.com/opencats/opencats
Affected ranges
Type
GIT
Repo
https://github.com/opencats/opencats
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Last affected
77c1f2bcf1bc92f4ca93874d02c7288728df0f87
Affected versions
0.*
0.9.1a
0.9.3
0.9.3-1
0.9.3-2
0.9.3-2-test-release
0.9.3-3
0.9.3-3-test-release
0.9.4
0.9.4-1
0.9.4-2
0.9.5
0.9.5-1
0.9.5-2
0.9.5-3
Other
delete
opencats-0.*
opencats-0.9.3
opencats-0.9.3(alpha)
opencats-0.9.3(final)
CVE-2021-25295 - OSV