Description

A stored cross-site scripting (XSS) vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the course "Title" and "Content" fields.

Remediation

References

CVE-2021-35415

Related Vulnerabilities

MySQL CVE-2021-35602 Vulnerability (CVE-2021-35602)

OpenSSL Other Vulnerability (CVE-2015-0209)

WordPress Plugin WP-Filebase Download Manager Cross-Site Scripting (3.1.02)

WordPress Plugin Comments Disable-AccessPress includes Backdoor [Only if downloaded via the vendor website] (1.0.7)

MySQL CVE-2018-2647 Vulnerability (CVE-2018-2647)

Severity

Medium

Classification

CVE-2021-35415 CWE-707

Tags

Missing Update Known Vulnerabilities