Medium severity5.4NVD Advisory· Published May 16, 2026· Updated May 18, 2026
CVE-2021-47981
CVE-2021-47981
Description
Quick.CMS 6.7 contains a cross-site scripting vulnerability in the sliders form that allows authenticated attackers to inject malicious scripts by submitting XSS payloads through the sDescription parameter. Attackers can craft CSRF forms targeting the admin.php?p=sliders-form endpoint to execute arbitrary JavaScript in victim browsers when the form is submitted.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =6.7
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.