CVE-2021-21283

🗓️ 26 Jan 2021 20:45:24Reported by GitHub_MType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 71 Views

Flarum Sticky extension v0.1.0-beta.14 and v0.1.0-beta.15 XSS vulnerabilit

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2021-21283	27 Jan 202100:36	–	circl
CNNVD	Flarum Sticky Cross-Site Scripting Vulnerability	26 Jan 202100:00	–	cnnvd
Cvelist	CVE-2021-21283 XSS in Flarum Sticky extension.	26 Jan 202120:45	–	cvelist
EUVD	EUVD-2021-0503	7 Oct 202500:30	–	euvd
Github Security Blog	XSS in Flarum Sticky extension	29 Jan 202118:13	–	github
NVD	CVE-2021-21283	26 Jan 202121:15	–	nvd
OSV	GHSA-H3GG-7WX2-CQ3H XSS in Flarum Sticky extension	29 Jan 202118:13	–	osv
Prion	Cross site scripting	26 Jan 202121:15	–	prion
RedhatCVE	CVE-2021-21283	22 May 202521:31	–	redhatcve
Veracode	Cross-site Scripting (XSS)	1 Feb 202106:52	–	veracode

NVD

Vulners

Node

flarum stickyMatch0.1.0beta14

flarum stickyMatch0.1.0beta15

[
  {
    "product": "sticky",
    "vendor": "flarum",
    "versions": [
      {
        "status": "affected",
        "version": ">=v0.1.0-beta.14 <=v0.1.0-beta.15"
      }
    ]
  }
]

Source	Link
github	www.github.com/flarum/sticky/pull/24
github	www.github.com/flarum/sticky/security/advisories/GHSA-h3gg-7wx2-cq3h
discuss	www.discuss.flarum.org/d/26042-security-update-to-flarum-sticky-010-beta151%29
github	www.github.com/flarum/sticky/commit/7ebd30462bd405c4c0570b93a6d48710e6c3db19