216.73.216.67

CVE-2021-47981

· Published 16/05/2026 16:16 · Modified 16/05/2026 16:16

Labels: CVE-2021-47981 2026-05-16CVE-2021-47981CWE-79[email protected]

Essential information

Published
16/05/2026 16:16
Modified
16/05/2026 16:16
Author
Creator
CVSS
5.1 MEDIUM (v3) 5.1 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Quick.CMS 6.7 contains a cross-site scripting vulnerability in the sliders form that allows authenticated attackers to inject malicious scripts by submitting XSS payloads through the sDescription parameter. Attackers can craft CSRF forms targeting the admin.php?p=sliders-form endpoint to execute arbitrary JavaScript in victim browsers when the form is submitted.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
quickcms / quick cms cpe:2.3:a:quickcms:quick_cms:6.7:*:*:*:*:*:*:*

References