Vulnerability Details : CVE-2021-21319
Galette is a membership management web application geared towards non-profit organizations. In versions prior to 0.9.5, malicious JavaScript code can be stored and later displayed on the self-subscription page. The self-subscription feature can be disabled as a workaround (it is disabled by default). Malicious JavaScript code can also be executed (reflected, not stored) on the login and retrieve-password pages. This issue is patched in version 0.9.5.
Vulnerability category: Cross site scripting (XSS)
Products affected by CVE-2021-21319
- cpe:2.3:a:galette:galette:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-21319
EPSS score: 0.10% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~41% (the proportion of vulnerabilities that are scored at or below this level)
CVSS scores for CVE-2021-21319
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
| 3.5 | LOW | AV:N/AC:M/Au:S/C:N/I:P/A:N | 6.8 | 2.9 | NIST | |
| 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 | NIST | |
| 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N | 2.3 | 4.0 | GitHub, Inc. | |
CWE ids for CVE-2021-21319
- The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Assigned by:
- nvd@nist.gov (Primary)
- security-advisories@github.com (Secondary)
References for CVE-2021-21319
- https://github.com/galette/galette/commit/514418da973ae5b84bf97f94bd288a41e8e3f0a6 (Prevent some possible XSS · galette/galette@514418d · GitHub) - Patch; Third Party Advisory
- https://github.com/galette/galette/security/advisories/GHSA-vjc9-mj44-x59q (Several stored XSS · Advisory · galette/galette · GitHub) - Third Party Advisory
- https://github.com/galette/galette/commit/f54b2570615d38d0302e937079233e52c2d80995 (Add test on stored xss · galette/galette@f54b257 · GitHub) - Patch; Third Party Advisory
- https://bugs.galette.eu/issues/1535 (Galette bugs & features) - Permissions Required; Vendor Advisory
- https://github.com/galette/galette/commit/8f3bdd9f7d0708466e011253064a867ca2b271a5 (Fix stored XSS on dynamic fields configuration · galette/galette@8f3bdd9 · GitHub) - Patch; Third Party Advisory