VYPR
Unrated severityNVD Advisory· Published Dec 15, 2022· Updated Apr 21, 2025

CVE-2021-39428

CVE-2021-39428

Description

Cross Site Scripting (XSS) vulnerability in Users.php in eyoucms 1.5.4 allows remote attackers to run arbitrary code and gain escalated privilege via the filename for edit_users_head_pic.

Affected products

2
  • Eyoucms/Eyoucmscpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 1.5.4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.

CVE-2021-39428 · VYPR