CVE-2021-45085

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-45085

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-45085.json

Related

DLA-3074-1
DSA-5042-1
USN-5561-1

Published

2021-12-16T03:15:00Z

Modified

2023-10-10T14:20:52.435845Z

Details

XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that page on the Most Visited list.

References

https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1045
https://gitlab.gnome.org/GNOME/epiphany/-/issues/1612
https://www.debian.org/security/2022/dsa-5042
https://lists.debian.org/debian-lts-announce/2022/08/msg00006.html

Affected packages

Git / gitlab.gnome.org/GNOME/epiphany

Affected ranges

Type: GIT
Repo: https://gitlab.gnome.org/GNOME/epiphany
Events: Introduced

d8163fa7ea74b2be14da9d4217e9d3e0c41cdb2a

Fixed

18623a5da5bf2b492cf7725bc29c7997623f4de3

Affected versions

41.*

41.0