CVE-2021-39391
MEDIUM6.1EPSS 0.24%Cross-site Scripting in Beego
Published: 9/15/2021Modified: 12/7/2023
Also known as:GHSA-c77f-4rgj-jfr4
Description
Cross Site Scripting (XSS) vulnerability exists in the admin panel in Beego v2.0.1 via the URI path in an HTTP request, which is activated by administrators viewing the "Request Statistics" page.
Affected packages (1)
- Go/github.com/beego/beego/v2from 0, < 2.0.2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.1 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |