VDB

CVE-2021-4273

CVE-2021-4273 PUBLISHED CVSS 4.300000190734863 MEDIUM

A vulnerability classified as problematic was found in studygolang. This vulnerability affects the function Search of the file http/controller/search.go. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 97ba556d42fa89dfaa7737e9cd3a8ddaf670bb23. It is recommended to apply a patch to fix this issue. VDB-216478 is the identifier assigned to this vulnerability.

EPSS 0.30% · 53.6th percentile

Risk Scores

CVSS v3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
EPSS Score
0.30%
53.6th percentile

Affected Products

VendorProductVersions
studygolangstudygolang
unspecifiedstudygolang*

Timeline

  • Dec 21, 2022 CVE Published
  • Dec 22, 2022 EPSS Score
  • Feb 1, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 15, 2023 EPSS Score
  • Apr 25, 2023 EPSS Score
  • Jun 6, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Aug 28, 2023 EPSS Score
  • Oct 8, 2023 EPSS Score
  • Nov 19, 2023 EPSS Score
  • Dec 30, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›