Apostrophe CMS versions between 2.63.0 to 3.3.1 are vulnerable to Stored XSS where an editor uploads an SVG file that contains malicious JavaScript onto the Images module, which triggers XSS once viewed.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: Mend
Published:
Updated: 2024-08-03T20:19:19.357Z
Reserved: 2021-01-22T00:00:00
Link: CVE-2021-25978

No data.

Status : Modified
Published: 2021-11-07T18:15:07.620
Modified: 2024-11-21T05:55:43.207
Link: CVE-2021-25978

No data.