CVE-2021-47981 – Quick.CMS 6.7 Cross-Site Scripting via CSRF to Sliders Form

CVE ID :CVE-2021-47981

Published : May 16, 2026, 3:26 p.m. | 31 minutes ago

Description :Quick.CMS 6.7 contains a cross-site scripting vulnerability in the sliders form that allows authenticated attackers to inject malicious scripts by submitting XSS payloads through the sDescription parameter. Attackers can craft CSRF forms targeting the admin.php?p=sliders-form endpoint to execute arbitrary JavaScript in victim browsers when the form is submitted.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2021-47978 – ProcessMaker 3.5.4 Local File Inclusion via Path Traversal

CVE-2021-47977 – WordPress Anti-Malware Security Bruteforce Firewall 4.20.59 Directory Traversal

CVE-2021-47942 – Home Assistant Community Store 1.10.0 Path Traversal Account Takeover

CVE-2020-37241 – bloofoxCMS 0.5.2.1 Cross-Site Request Forgery via user add