Countly, a product analytics solution, is vulnerable to cross-site scripting prior to version 21.11 of the community edition. The victim must follow a malicious link or be redirected there from malicious web site. The attacker must have an account or be able to create one. This issue is patched in version 21.11.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-02-20T00:00:00
Updated: 2024-08-03T23:33:56.093Z
Reserved: 2021-05-12T00:00:00
Link: CVE-2021-32852
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-02-20T22:15:11.160
Modified: 2024-11-21T06:07:53.133
Link: CVE-2021-32852
Redhat
No data.