How severe is CVE-2021-26263?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2021-26263?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2021-26263

HIGH Year: 2021

CVSS v3 Score

7.5

High

Weakness Type

CWE-79

View all →

Vulnerability Description

Cross-site scripting (XSS) issue in Discuss app of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to inject arbitrary web script in the browser of a victim, by posting crafted contents.

CVE-2016-8719

HIGH

CVSS:7.5(High)

An exploitable reflected Cross-Site Scripting vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Specially crafted input, in multip...

CWE-792016

CVE-2018-12319

HIGH

CVSS:7.5(High)

Denial-of-service in the login page of ASUSTOR ADM 3.1.1 allows attackers to prevent users from signing in by placing malformed text in the title.

CWE-792018

CVE-2018-3740

HIGH

CVSS:7.5(High)

A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.

CWE-792018

CVE-2018-6010

HIGH

CVSS:7.5(High)

In Yii Framework 2.x before 2.0.14, remote attackers could obtain potentially sensitive information from exception messages, or exploit reflected XSS on the error handler page in non-debug mode. Relat...

CWE-792018

CVE-2019-15816

HIGH

CVSS:7.5(High)

The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via save_settings_page and other save_ functions.

CWE-792019

CVE-2019-17214

HIGH

CVSS:7.5(High)

The WebARX plugin 1.3.0 for WordPress allows firewall bypass by appending &cc=1 to a URI.

CWE-792019

CVE-2021-26263

Vulnerability Description

Related Vulnerabilities

CVE-2016-8719

CVE-2018-12319

CVE-2018-3740

CVE-2018-6010

CVE-2019-15816

CVE-2019-17214