CVE-2021-26636

HIGH

MaxBoard < 1.9.6.1 - Stored Cross-Site Scripting and SQL Injection

Title source: llm
STIX 2.1

Description

Stored XSS and SQL injection vulnerability in MaxBoard could lead to occur Remote Code Execution, which could lead to information exposure and privilege escalation.

References (1)

Core 1
Core References

Scores

CVSS v3 8.8
EPSS 0.0141
EPSS Percentile 69.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-79 CWE-89
Status published
Products (1)
maxb/maxboard < 1.9.6.1
Published Jun 23, 2022
Tracked Since Feb 18, 2026