Vulnerabilities > CVE-2021-24476 - Unspecified vulnerability in Steam Group Viewer Project Steam Group Viewer 2.1

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

steam-group-viewer-project

NVD

Published: 2021-08-02

Updated: 2024-11-21

Summary

The Steam Group Viewer WordPress plugin through 2.1 does not sanitise or escape its "Steam Group Address" settings before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting issue

Vulnerable Configurations

Part	Description	Count
Application	Steam_Group_Viewer_Project Steam Group Viewer Project Steam Group Viewer - Steam Group Viewer Project Steam Group Viewer 2.1	2

References

https://wpscan.com/vulnerability/d1885641-9547-4dd5-84be-ba4a160ee1f5
https://wpscan.com/vulnerability/d1885641-9547-4dd5-84be-ba4a160ee1f5