CVE-2021-33192

MEDIUM6.1EPSS 3.4%

Cross-site scripting in Apache Jena Fuseki

發布日:2021/8/13修改日:2026/4/28

描述

A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena Fuseki from version 2.0.0 to version 4.0.0 (inclusive).

受影響套件(2)

Debian/apache-jenafrom 0, < 4.5.0-1
Maven/org.apache.jena:jena-fuseki>= 2.0.0, < 4.1.0

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

參考連結(3)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-33192
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2021-33192
WEBhttps://lists.apache.org/thread.html/r684d8943d755a96fe90f8cd8df196737b6bde3f2b74e15a9bd479975%40%3Cusers.jena.apache.org%3E