CVE-2021-45087 Information

Jun 07, 2022 cve

Description

XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used as demonstrated by a a page title.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Reference

https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1045 https://gitlab.gnome.org/GNOME/epiphany/-/issues/1612 https://www.debian.org/security/2022/dsa-5042

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

6.1

Share on: