CVE-2021-47750

MEDIUM

Youphptube < 7.8 - XSS

Title source: rule

Description

YouPHPTube <= 7.8 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the redirectUri parameter in the signup page. Attackers can craft special signup URLs with embedded script tags to execute arbitrary JavaScript in victims' browsers when they access the signup page.

Exploits (1)

exploitdb WORKING POC

by Rafael Pedrero · textwebappsphp

https://www.exploit-db.com/exploits/51101

View Code ZIP pw:eip

References (3)

[Not Applicable] https://web.archive.org/web/20170506141644/https://www.youphptube.com/

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/51101

[Third Party Advisory] https://www.vulncheck.com/advisories/youphptube-cross-site-scripting

Scores

CVSS v3 6.1

EPSS 0.0004

EPSS Percentile 12.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (1)

youphptube/youphptube < 7.8

Published Jan 13, 2026

Tracked Since Feb 18, 2026