Medium severity6.1NVD Advisory· Published Nov 8, 2021· Updated Jun 17, 2026
CVE-2021-39420
CVE-2021-39420
Description
Multiple Cross Site Scripting (XSS) vulnerabilities exist in VFront 0.99.5 via the (1) s parameter in search_all.php and the (2) msg parameter in add.attach.php.
Affected products
2- VFront/VFrontdescription
Patches
Vulnerability mechanics
References
1- sisl.lab.uic.edu/projects/chess/vfront0-99-5/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.