{"id":"CVE-2021-43725","details":"There is a Cross Site Scripting (XSS) vulnerability in SpotPage_login.php of Spotweb 1.5.1 and below, which allows remote attackers to inject arbitrary web script or HTML via the data[performredirect] parameter.","modified":"2026-05-15T12:04:21.453903559Z","published":"2022-03-28T13:15:07.693Z","database_specific":{},"references":[{"type":"REPORT","url":"https://github.com/spotweb/spotweb/issues/718"},{"type":"FIX","url":"https://github.com/spotweb/spotweb/commit/2bfa001689aae96009688a193c64478647ba45a1"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}