CVE-2021-3298

MEDIUM

Collabtive 3.1 - Authenticated Stored Cross-Site Scripting via Profile Address Field

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-3298. PoCs published by Deha Berkin Bir.

AI-analyzed exploit summary This exploit demonstrates a persistent XSS vulnerability in Collabtive 3.1 via the 'address' field in the user profile edit page. The payload is injected into the 'address1' parameter and executed when the profile is viewed or edited.

Description

Collabtive 3.1 allows XSS when an authenticated user enters an XSS payload into the address section of the profile edit page, aka the manageuser.php?action=edit address1 parameter.

Exploits (1)

exploitdb WORKING POC

by Deha Berkin Bir · textwebappsphp

https://www.exploit-db.com/exploits/49468

View Code ZIP pw:eip

This exploit demonstrates a persistent XSS vulnerability in Collabtive 3.1 via the 'address' field in the user profile edit page. The payload is injected into the 'address1' parameter and executed when the profile is viewed or edited.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Collabtive 3.1

Auth required

Prerequisites: Valid user credentials · Access to the profile edit page

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

https://collabtive.o-dyn.de/forum/viewforum.php?f=6

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/49468

Scores

CVSS v3 5.4

EPSS 0.0214

EPSS Percentile 79.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (1)

o-dyn/collabtive 3.1

Published Jan 29, 2021

Tracked Since Feb 18, 2026