Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1nOXBoLXI5aGMtMzRyOM4AAxva

Erxes vulnerable to Cross-site Scripting

Erxes, an experience operating system (XOS) with a set of plugins, is vulnerable to cross-site scripting in all versions. This results in client-side code execution. The victim must follow a malicious link or be redirected there from a malicious web site. There are no known patches.

Permalink: https://github.com/advisories/GHSA-g9ph-r9hc-34r8
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1nOXBoLXI5aGMtMzRyOM4AAxva
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 1 year ago
Updated: about 1 year ago


CVSS Score: 6.1
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Identifiers: GHSA-g9ph-r9hc-34r8, CVE-2021-32853
References: Repository: https://github.com/erxes/erxes
Blast Radius: 0.0

Affected Packages

npm:erxes
Dependent packages: 1
Dependent repositories: 1
Downloads: 6,697 last month
Affected Version Ranges: <= 1.0.1
No known fixed version
All affected versions: 0.0.1, 0.0.2, 0.0.4, 0.0.5, 0.0.6, 0.0.7, 0.0.8, 0.0.9, 0.0.10, 0.0.11, 0.0.12, 0.1.0, 0.1.2, 0.1.3, 0.1.4, 0.1.5, 0.1.6, 0.1.7, 0.1.8, 0.1.9, 0.1.10, 0.1.11, 0.1.12, 0.1.13, 0.1.14, 0.1.15, 0.1.16, 0.1.17, 0.1.18, 0.1.19, 0.1.20, 0.1.21, 0.1.22, 0.1.23, 0.1.25, 0.1.26, 0.1.27, 0.1.28, 0.1.29, 0.1.30, 0.1.31, 0.1.32, 0.1.33, 0.1.34, 0.1.35, 0.1.36, 0.1.37, 0.1.38, 0.1.39, 0.1.40, 0.1.41, 0.1.42, 0.1.43, 0.1.44, 0.1.45, 0.1.46, 0.1.47, 0.1.48, 0.1.49, 0.1.50, 0.1.51, 0.1.52, 0.1.53, 0.1.54, 0.1.55, 0.1.56, 0.1.57, 0.1.58, 0.1.59, 0.1.60, 0.1.61, 0.1.62, 0.1.63, 0.1.64, 0.1.65, 0.1.66, 0.1.67, 0.1.68, 0.1.69, 0.1.70, 0.1.71, 0.1.72, 0.1.73, 0.1.74, 0.1.75, 0.1.76, 0.1.77, 0.1.78, 0.1.79, 0.1.80, 0.1.81, 0.1.82, 0.1.83, 0.1.84, 0.1.85, 0.1.86, 0.1.87, 0.1.88, 0.1.89, 0.1.90, 0.1.91, 0.1.92, 0.1.93, 0.1.94, 0.1.95, 0.1.96, 0.1.97, 0.1.98, 0.1.99, 0.1.100, 0.2.1, 0.2.2, 0.2.3, 0.2.4, 0.2.5, 0.2.6, 0.2.7, 0.2.8, 0.2.9, 0.2.10, 0.2.11, 0.2.12, 0.2.18, 0.2.19, 0.2.20, 0.2.21, 0.2.22, 0.2.23, 0.2.24, 0.2.25, 0.2.26, 0.2.27, 0.2.28, 0.2.29, 0.2.30, 0.2.31, 0.2.32, 0.2.33, 0.2.34, 0.2.35, 0.2.36, 0.2.37, 0.2.38, 0.2.39, 0.2.40, 0.2.41, 0.2.42, 0.2.43, 0.2.44, 0.2.45, 0.2.46, 0.2.47, 0.2.48, 0.2.49, 0.2.50, 0.2.51, 0.2.52, 0.2.53, 0.2.54, 0.2.55, 0.2.56, 0.2.57, 0.2.58, 0.2.59, 0.2.60, 0.2.61, 0.2.62, 0.2.63, 0.2.64, 0.2.65, 0.2.66, 0.2.67, 0.2.68, 0.2.69, 0.2.70, 0.2.71, 0.2.72, 0.2.73, 0.2.74, 0.2.75, 0.2.76, 0.2.77, 0.2.78, 0.2.79, 0.2.80, 0.2.81, 0.2.82, 0.2.83, 0.2.84, 0.2.85, 0.2.86, 0.2.87, 0.2.88, 0.2.89, 0.2.90, 0.2.91, 0.2.92, 0.2.93, 0.2.94, 0.2.95, 0.2.96, 0.2.97, 0.2.98, 0.2.99, 0.2.100, 0.2.101, 0.2.102, 0.2.103, 0.2.104, 0.2.105, 0.2.106, 0.2.107, 0.2.108, 0.2.109, 0.2.110, 0.2.111, 0.2.112, 0.2.113, 0.2.114, 0.2.115, 0.2.116, 0.2.117, 0.2.118, 0.2.119, 0.2.120, 0.3.0, 0.3.1, 0.3.2, 0.3.3, 0.3.4, 0.3.5, 0.3.6, 0.3.7, 0.3.8, 0.3.9, 0.3.10, 0.3.11, 0.3.12, 0.3.13, 0.3.14, 0.3.15, 0.3.16, 0.3.17, 0.3.18, 0.3.19, 0.3.20, 0.3.21, 0.3.22, 
0.3.23, 0.3.24, 0.3.25, 0.3.26, 0.3.27, 0.3.28, 0.3.29, 0.3.30, 0.3.31, 0.3.32, 0.3.34, 0.3.35, 0.3.36, 0.3.37, 0.3.38, 0.3.39, 0.3.42, 0.3.44, 0.3.45, 0.3.46, 0.3.47, 0.3.48, 0.3.49, 0.3.50, 0.3.51, 0.3.52, 0.3.53, 0.3.54, 0.3.55, 0.3.56, 0.3.57, 0.3.58, 0.3.59, 0.3.60, 0.3.61, 0.3.62, 0.3.63, 0.3.64, 0.3.65, 0.3.66, 0.3.67, 0.3.68, 0.3.69, 0.3.70, 0.3.71, 0.3.72, 0.3.73, 0.3.74, 0.3.75, 0.3.76, 0.3.77, 0.3.78, 0.3.79, 0.3.80, 0.3.81, 0.3.82, 0.3.83, 0.3.84, 0.3.85, 0.3.86, 0.3.87, 0.3.88, 0.3.89, 0.3.90, 0.3.91, 0.3.92, 0.3.93, 0.3.94, 0.3.95, 0.3.96, 0.3.97, 0.3.98, 0.4.0, 0.4.1, 0.4.2, 0.4.3, 0.4.4, 0.4.5, 0.4.6, 0.4.7, 0.4.8, 0.4.9, 0.4.10, 0.4.11, 0.4.12, 0.4.13, 0.4.14, 0.4.15, 0.4.16, 0.4.17, 0.4.18, 0.4.20, 0.4.21, 0.4.22, 0.4.23, 0.4.24, 0.4.25, 0.4.26, 0.4.27, 0.4.28, 0.19.3, 0.19.4, 0.20.6, 0.20.7, 1.0.0