CVE-2021-25313: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
(updated )
A Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Rancher allows remote attackers to execute JavaScript via malicious links. This issue affects: SUSE Rancher Rancher versions prior to 2.5.6.
References
- bugzilla.suse.com/show_bug.cgi?id=1181852
- github.com/advisories/GHSA-6m8r-jh89-rq7h
- github.com/rancher/rancher/issues/31583
- github.com/rancher/rancher/releases/tag/v2.3.11
- github.com/rancher/rancher/releases/tag/v2.4.14
- github.com/rancher/rancher/releases/tag/v2.5.6
- nvd.nist.gov/vuln/detail/CVE-2021-25313
Detect and mitigate CVE-2021-25313 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →