{
  "schema_version": "1.4.0",
  "id": "GHSA-rjqp-837c-gqg6",
  "modified": "2022-05-24T17:41:13Z",
  "published": "2022-05-24T17:41:13Z",
  "aliases": [
    "CVE-2021-3258"
  ],
  "details": "Question2Answer Q2A Ultimate SEO Version 1.3 is affected by cross-site scripting (XSS), which may lead to arbitrary remote code execution.",
  "severity": [],
  "affected": [],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3258"
    },
    {
      "type": "WEB",
      "url": "https://github.com/q2a-projects/Q2A-Ultimate-SEO/commit/20069f28147c6f2c3acca4e3f6f5154537c5d536"
    },
    {
      "type": "WEB",
      "url": "https://nirmaldahal.com.np/sxss-to-defacement-and-account-takeover"
    },
    {
      "type": "WEB",
      "url": "https://www.question2answer.org/qa/58520/important-q2a-ultimate-seo-important-update"
    }
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "severity": "MODERATE",
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-02-05T16:15:00Z"
  }
}