Exploit for #VU63216 Cross-site scripting in Cyclos WordPress Plugin

Cybersecurity Help s.r.o.

Published: 2022-05-16

Vulnerability identifier: #VU63216

Vulnerability risk: Low

CVSSv4.0: 2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P/U:Clear]

CVE-ID: CVE-2021-31673

CWE-ID: CWE-79

Exploitation vector: Network

Exploits in database: 1

May 16, 2022
- Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting (XSS) [Exploit-DB]

Vulnerable software:
Cyclos WordPress Plugin
Web applications / Modules and components for CMS

Vendor: The Cyclos team