CVE-2021-3346

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-3346

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3346.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-3346

Published

2021-01-29T17:15:12.887Z

Modified

2026-03-14T10:59:21.639597Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Foris before 101.1.1, as used in Turris OS, lacks certain HTML escaping in the login template.

References

Affected packages

Git / gitlab.nic.cz/turris/foris/foris

Affected ranges

Type

GIT

Repo

https://gitlab.nic.cz/turris/foris/foris

Events

Introduced

Fixed

e06d3276451a7a5aabf7de68c80e8197e0b55ecb

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "101.1"
        }
    ]
}

Affected versions

package-v100.*

package-v100.0

package-v100.1

package-v100.2

package-v100.3

package-v100.4

package-v100.5

package-v100.6

package-v100.7

package-v101.*

package-v101.0

Other

package-v29

package-v30

package-v31

package-v32

package-v33

package-v34

package-v35

package-v36

package-v37

package-v38

package-v39

package-v40

package-v41

package-v42

package-v43

package-v44

package-v45

package-v46

package-v47

package-v48

package-v49

package-v50

package-v51

package-v52

package-v53

package-v54

package-v55

package-v56

package-v57

package-v58

package-v59

package-v60

package-v61

package-v62

package-v63

package-v64

package-v65

package-v66

package-v67

package-v68

package-v69

package-v70

package-v71

package-v72

package-v73

package-v74

package-v75

package-v76

package-v77

package-v78

package-v79

package-v80

package-v81

package-v82

package-v83

package-v84

package-v85

package-v86

package-v87

package-v88

package-v89

package-v90

package-v92

package-v93

package-v95

package-v97

package-v98

package-v95.*

package-v95.1

package-v95.2

package-v95.5

package-v95.6

package-v95.7

package-v95.8

package-v95.9

package-v96.*

package-v96.5

package-v96.6

package-v96.7

package-v96.8

package-v97.*

package-v97.1

package-v97.10

package-v97.11

package-v97.12

package-v97.13

package-v97.2

package-v97.3

package-v97.4

package-v97.5

package-v97.6

package-v97.7

package-v97.8

package-v97.9

package-v98.*

package-v98.1

package-v98.10

package-v98.11

package-v98.12

package-v98.13

package-v98.14

package-v98.14.1

package-v98.15

package-v98.16

package-v98.17

package-v98.18

package-v98.19

package-v98.19.1

package-v98.2

package-v98.3

package-v98.4

package-v98.5

package-v98.6

package-v98.7

package-v98.8

package-v98.9

package-v99.*

package-v99.0

package-v99.1

package-v99.10

package-v99.2

package-v99.3

package-v99.3.1

package-v99.3.2

package-v99.4

package-v99.5

package-v99.6

package-v99.6.1

package-v99.7

package-v99.7.1

package-v99.7.2

package-v99.7.3

package-v99.7.4

package-v99.7.5

package-v99.8

package-v99.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3346.json"