S4E

CVE-2021-35323 Scanner

Detects a 'Cross Site Scripting (XSS)' vulnerability in Bludit that affects version 3.13.1.


Short Info

Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 4 weeks
Scan only one: Domain, IPv4
Toolbox: -

Bludit is a simple, fast, and flexible CMS that allows for the creation and management of web pages and blogs. It's known for its ease of use, extensibility through plugins, and emphasis on privacy and speed. The platform is utilized by bloggers, small business owners, and developers looking for a lightweight solution to deploy websites without the complexity of databases, as it stores content in flat files.

The XSS vulnerability in Bludit 3.13.1 is triggered during the user authentication process on the admin login page. By crafting a malicious username input that includes a script tag, attackers can execute arbitrary JavaScript code in the context of the user's browser session. This flaw exposes the application to various malicious activities, including session hijacking, redirection to phishing sites, and defacement of the web application.

The exploitation of this XSS vulnerability could compromise the security of the website, affect user trust, and potentially lead to unauthorized access to sensitive information. Users could be redirected to malicious sites, become victims of phishing attacks, or unknowingly download malware. For website administrators, this could result in the loss of control over their site, damage to reputation, and legal implications if user data is compromised.

At S4E, our advanced scanning technology enables us to detect vulnerabilities like CVE-2021-35323 in your digital infrastructure. By becoming a member, you gain access to comprehensive vulnerability assessments, detailed reports, and actionable remediation guidance. Our platform helps you strengthen your cybersecurity posture, ensuring your website and user data remain secure against emerging threats.

 
