CVE-2021-47981 | VulnIntel — VulnIntel

CVE-2021-47981

MEDIUM

Quick.CMS 6.7 contains a cross-site scripting vulnerability in the sliders form that allows authenticated attackers to inject malicious scripts by submitting XSS payloads through the sDescription parameter. Attackers can craft CSRF forms targeting the admin.php?p=sliders-form endpoint to execute arbitrary JavaScript in victim browsers when the form is submitted.

StatusReceived

설명

Score Summary

CVSS Score: 5.1
Version: 4.0
Risk Score: 2.55
Attack Vector: 네트워크 공격
낮은 복잡도
권한 불필요

Details

Published: 05/16/2026(7 hours ago)
Modified: 05/16/2026(7 hours ago)
Source: NVD

Score Comparison by Source

Source	CVSS Version	Base Score	Severity	Vector String	Assessment Date
NVDNIST	4.0	5.1	MEDIUM	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X	05/16/2026
NVDNIST

CWE Weakness Classification

CWE-79
NVD
Primary

References (4)