Vulnerability Description
1CDN is open-source file sharing software. In 1CDN before commit f88a2730fa50fc2c2aeab09011f6f142fd90ec25, there is a basic cross-site scripting vulnerability that allows an attacker to inject /<script>//code</script> and execute JavaScript code on the client side.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 1Cdn Project | 1Cdn | < 2021-05-16 |
Related Weaknesses (CWE)
References
- https://github.com/onedotprojects/cdn/commit/f88a2730fa50fc2c2aeab09011f6f142fd9PatchThird Party Advisory
- https://github.com/onedotprojects/cdn/security/advisories/GHSA-g5c4-48rw-hjghPatchThird Party Advisory
- https://github.com/onedotprojects/cdn/commit/f88a2730fa50fc2c2aeab09011f6f142fd9PatchThird Party Advisory
- https://github.com/onedotprojects/cdn/security/advisories/GHSA-g5c4-48rw-hjghPatchThird Party Advisory
FAQ
What is CVE-2021-32616?
CVE-2021-32616 is a vulnerability with a CVSS score of 8.1 (HIGH). 1CDN is open-source file sharing software. In 1CDN before commit f88a2730fa50fc2c2aeab09011f6f142fd90ec25, there is a basic cross-site scripting vulnerability that allows an attacker to inject /<scrip...
How severe is CVE-2021-32616?
CVE-2021-32616 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-32616?
Check the references section above for vendor advisories and patch information. Affected products include: 1Cdn Project 1Cdn.