CVE-2021-36572

MEDIUM

Feehi CMS <2.1.1 - XSS

Title source: llm

Description

Cross Site Scripting (XSS) vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via the user name field of the login page.

References (1)

Scores

CVSS v3 6.1
EPSS 0.0022
EPSS Percentile 44.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (2)
feehi/feehicms < 2.1.1
feehi/feehicms 0Packagist
Published Dec 15, 2022
Tracked Since Feb 18, 2026