CVE-2021-39413

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-39413

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-39413.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-39413

Aliases

BIT-seopanel-2021-39413

Published

2021-11-05T16:15:07.653Z

Modified

2025-11-14T12:14:29.410532Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Multiple Cross Site Scripting (XSS) vulnerabilities exits in SEO Panel v4.8.0 via the (1) totime parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) socialmedia.php, and (j) reports.php; the (2) fromtime parameter in (a) backlinks.php, (b) analytics.php, (c) log.php, (d) overview.php, (e) pagespeed.php, (f) rank.php, (g) review.php, (h) saturationchecker.php, (i) socialmedia.php, (j) webmaster-tools.php, and (k) reports.php; the (3) ordercol parameter in (a) analytics.php, (b) review.php, (c) socialmedia.php, and (d) webmaster-tools.php; and the (4) pageno parameter in (a) alerts.php, (b) log.php, (c) keywords.php, (d) proxy.php, (e) searchengine.php, and (f) siteauditor.php.

References

https://sisl.lab.uic.edu/projects/chess/seo-panel/

Affected packages

Git / github.com/seopanel/seo-panel

Affected ranges

Type: GIT
Repo: https://github.com/seopanel/seo-panel
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

2e0fd822f8c613b65d81362cf3e252fd55ac7a6f

Affected versions

4.*

4.2.0

4.3.0

4.4.0

4.5.0

4.6.0

4.7.0

4.8.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-39413.json"