CVE-2021-47981 – Quick.CMS 6.7 Cross-Site Scripting via CSRF to Sliders Form

CVE ID :CVE-2021-47981

Published : May 16, 2026, 3:26 p.m. | 31 minutes ago

Description :Quick.CMS 6.7 contains a cross-site scripting vulnerability in the sliders form that allows authenticated attackers to inject malicious scripts by submitting XSS payloads through the sDescription parameter. Attackers can craft CSRF forms targeting the admin.php?p=sliders-form endpoint to execute arbitrary JavaScript in victim browsers when the form is submitted.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…