Unrated severityNVD Advisory· Published Oct 1, 2021· Updated Aug 4, 2024
CVE-2021-41465
CVE-2021-41465
Description
Cross-site scripting (XSS) vulnerability in concrete/elements/collection_theme.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- concrete5-legacy/concrete5-legacydescription
Patches
Vulnerability mechanics
References
1- github.com/concrete5/concrete5-legacy/issues/2006mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.