Medium severity6.1NVD Advisory· Published Mar 25, 2022· Updated Jun 17, 2026
CVE-2021-46426
CVE-2021-46426
Description
phpIPAM 1.4.4 allows Reflected XSS and CSRF via app/admin/subnets/find_free_section_subnets.php of the subnets functionality.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- github.com/phpipam/phpipam/commit/6c1f72816d6ac634e9c174057e008717d959f351nvdPatchThird Party Advisory
- packetstormsecurity.com/files/167227/PHPIPAM-1.4.4-Cross-Site-Request-Forgery-Cross-Site-Scripting.htmlnvdExploitThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2022/May/43nvdMailing ListThird Party Advisory
- www.tempest.com.brnvdNot Applicable
News mentions
0No linked articles in our index yet.