CVE-2021-25790 — MEDIUM (5.4)

Vulnerability Description

Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone Number and Alternate Phone Number.

CVSS Score

5.4

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
House Rental And Property Listing Php Project	House Rental And Property Listing Php	1.0

Related Weaknesses (CWE)

CWE-79

References

https://www.exploit-db.com/exploits/49352ExploitThird Party AdvisoryVDB Entry
https://www.sourcecodester.comProduct
https://www.sourcecodester.com/php/14649/house-rental-and-property-listing-php-fProduct
https://www.exploit-db.com/exploits/49352ExploitThird Party AdvisoryVDB Entry
https://www.sourcecodester.comProduct
https://www.sourcecodester.com/php/14649/house-rental-and-property-listing-php-fProduct

FAQ

What is CVE-2021-25790?

CVE-2021-25790 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via...

How severe is CVE-2021-25790?

CVE-2021-25790 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-25790?

Check the references section above for vendor advisories and patch information. Affected products include: House Rental And Property Listing Php Project House Rental And Property Listing Php.