CVE-2021-33988: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

October 25, 2021

Cross Site Scripting (XSS). vulnerability exists in Microweber CMS 1.2.7 via the Login form, which could let a malicious user execute Javascript by Inserting code in the request form.

References

github.com/advisories/GHSA-w7x8-cq7r-g5g9
github.com/nck0099/osTicket/issues/2
nvd.nist.gov/vuln/detail/CVE-2021-33988

Detect and mitigate CVE-2021-33988 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →