CVE-2021-32561
- Source
- https://cve.org/CVERecord?id=CVE-2021-32561
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32561.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-32561
- Aliases
- Published
- 2021-05-11T14:15:07.390Z
- Modified
- 2026-03-10T23:35:39.281708Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
OctoPrint before 1.6.0 allows XSS because API error messages include the values of input parameters.
- References
Affected packages
Git / github.com/foosel/octoprint
Affected ranges
- Type
- GIT
- Repo
- https://github.com/foosel/octoprint
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
- Database specific
{ "versions": [ { "introduced": "0" }, { "fixed": "1.6.0" } ] }
- Type
- Repo
- https://github.com/octoprint/octoprint
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixedb6ebe7c8539b86acb217483b853910d23518967f
Affected versions
1.*
1.0.0
1.0.0-rc1
1.0.0-rc2
1.1.0
1.1.0-dev
1.1.0-rc1
1.1.0-rc2
1.1.1
1.1.2
1.2.0
1.2.0-dev
1.2.0-rc1
1.2.0-rc2
1.2.0-rc3
1.2.1
1.2.10
1.2.11
1.2.12
1.2.13
1.2.14
1.2.15
1.2.16
1.2.16rc1
1.2.16rc2
1.2.17
1.2.17rc1
1.2.17rc2
1.2.17rc3
1.2.17rc4
1.2.18
1.2.18rc1
1.2.2
1.2.3
1.2.4
1.2.5
1.2.6
1.2.7
1.2.8
1.2.9
1.3.0
1.3.0rc1
1.3.0rc2
1.3.0rc3
1.3.1
1.3.10
1.3.10rc1
1.3.10rc2
1.3.10rc3
1.3.10rc4
1.3.11
1.3.11rc1
1.3.11rc2
1.3.11rc3
1.3.12
1.3.12rc1
1.3.12rc2
1.3.12rc3
1.3.1rc1
1.3.1rc2
1.3.2
1.3.2rc1
1.3.3
1.3.3rc1
1.3.3rc2
1.3.3rc3
1.3.4
1.3.5
1.3.5rc1
1.3.5rc2
1.3.5rc3
1.3.5rc4
1.3.6
1.3.6rc1
1.3.6rc2
1.3.6rc3
1.3.7
1.3.7rc1
1.3.7rc2
1.3.7rc3
1.3.7rc4
1.3.8
1.3.9
1.3.9rc1
1.3.9rc2
1.3.9rc3
1.3.9rc4
1.4.0
1.4.0rc1
1.4.0rc2
1.4.0rc3
1.4.0rc4
1.4.0rc5
1.4.0rc6
1.4.1
1.4.1rc1
1.4.1rc2
1.4.1rc3
1.4.1rc4
1.4.2
1.5.0
1.5.0rc1
1.5.0rc2
1.5.0rc3
1.5.1
1.5.2
1.5.3
1.6.0rc1
1.6.0rc2
1.6.0rc3