CVE-2021-3977

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-3977

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3977.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-3977

Aliases

GHSA-xg6r-5gx4-qxjm

Published

2021-12-24T20:15:08.137Z

Modified

2026-04-10T04:37:27.843929Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

invoiceninja is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

References

Affected packages

Git / github.com/invoiceninja/invoiceninja

Affected ranges

Type

GIT

Repo

https://github.com/invoiceninja/invoiceninja

Events

Introduced

Fixed

53bebc4d0f530573e27cd2526af1eb465706ed08

Introduced

3239a1c041cad5d174e460b526f1fa6b96cec66a

Fixed

dcc4b13524ff290620c83ea80920adf6cb3585a0

Fixed

1186eaa82375692d01d5ef3369c5b7bc7315b55f

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.5.47"
        },
        {
            "introduced": "5.0"
        },
        {
            "fixed": "5.3.33"
        }
    ]
}

Affected versions

v4.*

v4.5.20

v4.5.21

v4.5.22

v4.5.23

v4.5.24

v4.5.27

v4.5.28

v4.5.29

v4.5.30

v4.5.31

v4.5.32

v4.5.33

v4.5.34

v4.5.35

v4.5.36

v4.5.37

v4.5.38

v4.5.39

v4.5.40

v4.5.41

v4.5.42

v4.5.43

v4.5.44

v4.5.45

v4.5.46

v5.*

v5.0

v5.0-release

v5.0.1

v5.0.1-release

v5.0.10

v5.0.10-release

v5.0.11

v5.0.12

v5.0.12-release

v5.0.13

v5.0.13-release

v5.0.16

v5.0.16-release

v5.0.17

v5.0.17-release

v5.0.18

v5.0.18-release

v5.0.19

v5.0.19-release

v5.0.2

v5.0.2-release

v5.0.20

v5.0.20-release

v5.0.21

v5.0.21-release

v5.0.22

v5.0.23

v5.0.23-release

v5.0.23r

v5.0.23r-release

v5.0.24

v5.0.24-release

v5.0.25

v5.0.25-release

v5.0.26

v5.0.26-release

v5.0.27

v5.0.27-r1

v5.0.27-release

v5.0.28

v5.0.29

v5.0.29-release

v5.0.3

v5.0.3-release

v5.0.30

v5.0.30-release

v5.0.31

v5.0.31-release

v5.0.32

v5.0.33

v5.0.33-release

v5.0.34

v5.0.34-release

v5.0.35

v5.0.35-release

v5.0.36

v5.0.37

v5.0.38

v5.0.38-release

v5.0.39

v5.0.39-release

v5.0.4

v5.0.4-release

v5.0.40

v5.0.41

v5.0.41-release

v5.0.42

v5.0.42-release

v5.0.43

v5.0.43-release

v5.0.44

v5.0.44-release

v5.0.45

v5.0.45-release

v5.0.46

v5.0.46-release

v5.0.47

v5.0.47-release

v5.0.48

v5.0.48-release

v5.0.49

v5.0.49-release

v5.0.5

v5.0.5-release

v5.0.50

v5.0.50-release

v5.0.51

v5.0.51-release

v5.0.52

v5.0.52-release

v5.0.53

v5.0.53-release

v5.0.54

v5.0.54-release

v5.0.55

v5.0.55-release

v5.0.56

v5.0.56-release

v5.0.6

v5.0.7

v5.0.8

v5.0.9

v5.1.0

v5.1.0-release

v5.1.1

v5.1.1-release

v5.1.10

v5.1.10-release

v5.1.11

v5.1.11-release

v5.1.12

v5.1.12-release

v5.1.13

v5.1.13-release

v5.1.14

v5.1.14-release

v5.1.15

v5.1.15-release

v5.1.16

v5.1.16-release

v5.1.17

v5.1.17-release

v5.1.18

v5.1.18-release

v5.1.19

v5.1.19-release

v5.1.2

v5.1.2-release

v5.1.20

v5.1.20-release

v5.1.21

v5.1.21-release

v5.1.22

v5.1.22-release

v5.1.23

v5.1.23-release

v5.1.24

v5.1.24-release

v5.1.25

v5.1.25-release

v5.1.26

v5.1.26-release

v5.1.27

v5.1.27-release

v5.1.28

v5.1.28-release

v5.1.29

v5.1.29-release

v5.1.3

v5.1.3-release

v5.1.30

v5.1.30-release

v5.1.31

v5.1.31-release

v5.1.32

v5.1.32-release

v5.1.33

v5.1.33-release

v5.1.34

v5.1.34-release

v5.1.35

v5.1.35-release

v5.1.36

v5.1.36-release

v5.1.37

v5.1.37-release

v5.1.38

v5.1.38-release

v5.1.39

v5.1.39-release

v5.1.4

v5.1.4-release

v5.1.40

v5.1.40-release

v5.1.41

v5.1.41-release

v5.1.42

v5.1.42-release

v5.1.43

v5.1.43-release

v5.1.44

v5.1.44-release

v5.1.45

v5.1.45-release

v5.1.46

v5.1.46-release

v5.1.47

v5.1.47-release

v5.1.48

v5.1.48-release

v5.1.49

v5.1.49-release

v5.1.5

v5.1.5-release

v5.1.50

v5.1.50-release

v5.1.51

v5.1.51-release

v5.1.52

v5.1.52-release

v5.1.53

v5.1.53-release

v5.1.54

v5.1.54-release

v5.1.55

v5.1.55-release

v5.1.56

v5.1.56-release

v5.1.57

v5.1.57-release

v5.1.58

v5.1.58-release

v5.1.59

v5.1.59-release

v5.1.6

v5.1.6-release

v5.1.60

v5.1.60-release

v5.1.61

v5.1.61-release

v5.1.62

v5.1.62-release

v5.1.63

v5.1.63-release

v5.1.64

v5.1.64-release

v5.1.65

v5.1.65-release

v5.1.66

v5.1.66-release

v5.1.67

v5.1.67-release

v5.1.68

v5.1.68-release

v5.1.69

v5.1.69-release

v5.1.7

v5.1.7-release

v5.1.70

v5.1.70-release

v5.1.71

v5.1.71-release

v5.1.72

v5.1.73

v5.1.73-release

v5.1.74

v5.1.74-release

v5.1.8

v5.1.8-release

v5.1.9

v5.1.9-release

v5.2.0

v5.2.0-release

v5.2.1

v5.2.1-release

v5.2.10

v5.2.11

v5.2.12

v5.2.13

v5.2.14

v5.2.15

v5.2.16

v5.2.17

v5.2.18

v5.2.19

v5.2.2

v5.2.2-release

v5.2.3

v5.2.4

v5.2.4-1

v5.2.4-2

v5.2.4-3

v5.2.5

v5.2.5-release

v5.2.6

v5.2.7

v5.2.8

v5.2.9

v5.3.0

v5.3.1

v5.3.10

v5.3.11

v5.3.12

v5.3.13

v5.3.14

v5.3.15

v5.3.16

v5.3.17

v5.3.18

v5.3.19

v5.3.2

v5.3.20

v5.3.21

v5.3.22

v5.3.23

v5.3.24

v5.3.25

v5.3.26

v5.3.27

v5.3.28

v5.3.29

v5.3.3

v5.3.30

v5.3.31

v5.3.32

v5.3.4

v5.3.5

v5.3.6

v5.3.7

v5.3.8

v5.3.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3977.json"