Onyaktech Comments Pro Project - Onyaktech Comments Pro CVE

Filtered by vendor Onyaktech Comments Pro Project Subscribe

Filtered by product Onyaktech Comments Pro

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-33483	1 Onyaktech Comments Pro Project	1 Onyaktech Comments Pro	2021-09-13	3.5 LOW	5.4 MEDIUM
An issue was discovered in CommentsService.ashx in OnyakTech Comments Pro 3.8. The comment posting functionality allows an attacker to add an XSS payload to the JSON request that will execute when users visit the page with the comment.

Vulnerabilities (CVE)