CVE-2021-33192: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

August 13, 2021

A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena Fuseki from version 2.0.0 to version 4.0.0 (inclusive).

References

github.com/advisories/GHSA-phwj-86vx-cfjc
nvd.nist.gov/vuln/detail/CVE-2021-33192

Code Behaviors & Features

Detect and mitigate CVE-2021-33192 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →