CVE-2021-3841 – Sylius Stored Cross-Site Scripting (XSS) Vulnerability

CVE ID : CVE-2021-3841

Published : Nov. 15, 2024, 11:15 a.m. | 1 hour, 11 minutes ago

Description : sylius/sylius versions prior to 1.9.10, 1.10.11, and 1.11.2 are vulnerable to stored cross-site scripting (XSS) through SVG files. This vulnerability allows attackers to inject malicious scripts that can be executed in the context of the user’s browser.

Severity: 4.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…CVE ID : CVE-2021-3841

Published : Nov. 15, 2024, 11:15 a.m. | 1 hour, 11 minutes ago

Description : sylius/sylius versions prior to 1.9.10, 1.10.11, and 1.11.2 are vulnerable to stored cross-site scripting (XSS) through SVG files. This vulnerability allows attackers to inject malicious scripts that can be executed in the context of the user’s browser.

Severity: 4.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…