CVE-2021-45087

Name
CVE-2021-45087
Description
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1045
MISC https://gitlab.gnome.org/GNOME/epiphany/-/issues/1612

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:gnome:epiphany:*:*:*:*:*:*:*:* epiphany >= None < 40.4
cpe:2.3:a:gnome:epiphany:*:*:*:*:*:*:*:* epiphany >= 41.0 < 41.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
epiphany 3.15-community 41.0-r0 Rasmus Thomsen <oss@cogitri.dev> possibly vulnerable
epiphany edge-community 41.0-r1 Rasmus Thomsen <oss@cogitri.dev> possibly vulnerable