What the vulnerability does
01Description
yourls is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2021-3783
MEDIUM
CVE-2021-3783: Cross-site Scripting (XSS) - Reflected in yourls/yourls
CVSS base score
6.6/10
CVSS vector
CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Key dates
02Disclosure timeline
September 15, 2021
CVE published
August 3, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-6613 Typecho Logo options-theme.php cross site scripting
CVE-2017-15888
CVE-2025-3821 SourceCodester Web-based Pharmacy Product Management System add-admin.php cross site scripting
CVE-2024-38038 BUG-000165732 - Reflected XSS in Portal for ArcGIS
CVE-2025-47680 WordPress xili-tidy-tags plugin <= 1.12.06 - Reflected Cross Site Scripting (XSS) vulnerability
