Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2021-3137

Published: 20/01/2021 Updated: 22/01/2021
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Subscribe to Xwiki

Vulnerability Summary

XWiki 12.10.2 allows XSS via an SVG document to the upload feature of the comment section.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

xwiki xwiki 12.10.2

Github Repositories

https://github.com/surister/django-meinheld-gunicorn

Last documentation update: 2021-08-05 This is still a WIP Index Tags Links About the repository Why the respository Environment variables Base image explanation Running the images Simple example Passing source files at build time Installing extra packages Docker-compose Simple example Simple example with installed packages Complete example (With PostgreSQL and adminer)

References

CWE-79https://www.exploit-db.com/exploits/49437https://nvd.nist.govhttps://github.com/surister/django-meinheld-gunicorn
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook