Medium severity5.4NVD Advisory· Published Feb 24, 2021· Updated Jun 17, 2026
CVE-2021-3355
CVE-2021-3355
Description
A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- LightCMS/LightCMSdescription
- Range: =1.3.4
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/161562/LightCMS-1.3.4-Cross-Site-Scripting.htmlnvdExploitThird Party AdvisoryVDB Entry
- gist.github.com/Peithon/1c628ded0c4fc96c6331c3cce1d0c69bnvdExploitThird Party Advisory
- github.com/eddy8/LightCMS/issues/18nvdExploitIssue TrackingThird Party Advisory
- www.exploit-db.com/exploits/49598nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.