CVE-2021-33570

MEDIUM

Postbird 0.8.4 - XSS

Title source: llm

Description

Postbird 0.8.4 allows stored XSS via the onerror attribute of an IMG element in any PostgreSQL database table. This can result in reading local files via vectors involving XMLHttpRequest and open of a file:/// URL, or discovering PostgreSQL passwords via vectors involving Window.localStorage and savedConnections.

Exploits (1)

exploitdb WORKING POC

by Debshubra Chakraborty · pythonwebappsmultiple

https://www.exploit-db.com/exploits/49910

View Code ZIP pw:eip

References (8)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/162831/Postbird-0.8.4-Cross-Site-Scripting-Local-File-Inclusion.html

[Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/162872/Postbird-0.8.4-XSS-LFI-Insecure-Data-Storage.html

[Issue Tracking, Third Party Advisory] https://github.com/Paxa/postbird/issues/132

[Issue Tracking, Third Party Advisory] https://github.com/Paxa/postbird/issues/133

[Issue Tracking, Third Party Advisory] https://github.com/Paxa/postbird/issues/134

[Exploit, Third Party Advisory] https://github.com/Tridentsec-io/postbird

[Broken Link, Third Party Advisory, URL Repurposed] https://tridentsec.io/blogs/postbird-cve-2021-33570/

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/49910

Scores

CVSS v3 5.4

EPSS 0.0171

EPSS Percentile 82.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (1)

postbird_project/postbird 0.8.4

Published May 25, 2021

Tracked Since Feb 18, 2026