216.73.217.86

CVE-2021-47768

· Published 15/01/2026 16:16 · Modified 16/01/2026 15:55

Labels: CVE-2021-47768 2026-01-15CVE-2021-47768CWE-79[email protected]

Essential information

Published
15/01/2026 16:16
Modified
16/01/2026 15:55
Author
Creator
CVSS
5.3 MEDIUM (v3) 5.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

ImportExportTools NG 10.0.4 contains a persistent HTML injection vulnerability in the email export module that allows remote attackers to inject malicious HTML payloads. Attackers can send emails with crafted HTML in the subject that execute during HTML export, potentially compromising user data or session credentials.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
importexporttools / importexporttools ng cpe:2.3:a:importexporttools:importexporttools_ng:10.0.4:*:*:*:*:*:*:*

References