YouPHPTube <= 7.8 - Cross-Site Scripting Key Information Severity: MEDIUM Date: January 13, 2026 Affecting: YouPHPTube <= 7.8 CVE: CVE-2021-47750 CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CVSS: CVSS:3.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N Exploit: ExploitDB-51101 Archived Homepage: Archived YouPHPTube Homepage Credit: Rafael Pedrero Description YouPHPTube <= 7.8 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the redirectUri parameter in the signup page. Attackers can craft special signup URLs with embedded script tags to execute arbitrary JavaScript in victims' browsers when they access the signup page.