CVE-2021-32092

Source
https://cve.org/CVERecord?id=CVE-2021-32092
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32092.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-32092
Published
2021-05-07T05:15:08.280Z
Modified
2026-03-14T10:58:20.397278Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

A Cross-site scripting (XSS) vulnerability in the DocumentAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the uuid parameter.

References

Affected packages

Git / github.com/nationalsecurityagency/emissary

Affected ranges

Type
GIT
Repo
https://github.com/nationalsecurityagency/emissary
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "5.9.0"
        }
    ]
}

Affected versions

5.*
5.0.0
5.1.0
5.2.0
5.3.0
5.4.1
5.5.0
5.6.0
5.7.0
5.8.0
5.9.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32092.json"