Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Stored cross-site scripting in PressBooks

PressBooks 5.17.3 contains a stored cross-site scripting (XSS) vulnerability. Stored XSS can be submitted via the Book Info's Long Description Body, and all actions to open or preview the books page will trigger the stored XSS.

Permalink: https://github.com/advisories/GHSA-9652-78hp-w58c
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk2NTItNzhocC13NThj
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: over 3 years ago
Updated: over 1 year ago


CVSS Score: 4.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Identifiers: GHSA-9652-78hp-w58c, CVE-2021-3271
References: Repository: https://github.com/pressbooks/pressbooks
Blast Radius: 2.3

Affected Packages

packagist:pressbooks/pressbooks
Dependent packages: 3
Dependent repositories: 3
Downloads: 36,456 total
Affected Version Ranges: < 5.18.0
Fixed in: 5.18.0
All affected versions: 2.3.4, 3.3.0, 3.3.1, 3.3.2, 3.4.0, 3.5.0, 3.5.1, 3.5.2, 3.6.0, 3.6.1, 3.6.2, 3.6.3, 3.7.0, 3.7.1, 3.8.0, 3.8.1, 3.9.0, 3.9.1, 3.9.2, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 3.9.8, 3.9.9, 3.9.10, 4.0.0, 4.0.1, 4.0.2, 4.1.0, 4.2.0, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.4.0, 4.5.0, 4.5.1, 5.0.0, 5.0.1, 5.0.2, 5.1.0, 5.1.1, 5.2.0, 5.2.1, 5.3.0, 5.3.1, 5.3.2, 5.3.3, 5.3.4, 5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.4.4, 5.4.5, 5.4.6, 5.4.7, 5.5.0, 5.5.1, 5.5.2, 5.5.3, 5.5.4, 5.5.5, 5.5.6, 5.6.0, 5.6.1, 5.6.2, 5.6.3, 5.6.4, 5.6.5, 5.7.0, 5.7.1, 5.7.2, 5.8.0, 5.8.1, 5.8.2, 5.8.3, 5.9.0, 5.9.1, 5.9.2, 5.9.3, 5.9.4, 5.9.5, 5.10.0, 5.10.1, 5.11.0, 5.12.0, 5.13.0, 5.14.0, 5.14.1, 5.14.2, 5.14.3, 5.14.4, 5.14.5, 5.14.6, 5.15.0, 5.15.1, 5.15.2, 5.15.3, 5.16.0, 5.16.1, 5.16.2, 5.16.3, 5.17.0, 5.17.1, 5.17.2, 5.17.3
All unaffected versions: 5.18.0, 5.18.1, 5.18.2, 5.19.0, 5.19.1, 5.20.0, 5.20.1, 5.21.0, 5.22.0, 5.23.0, 5.24.0, 5.25.0, 5.26.0, 5.27.0, 5.27.1, 5.28.0, 5.29.0, 5.30.0, 5.31.0, 5.31.1, 5.32.0, 5.33.0, 5.33.1, 5.34.0, 5.34.1, 5.35.0, 5.35.1, 5.36.0, 5.36.1, 5.37.0, 6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.2.0, 6.2.1, 6.3.0, 6.4.0, 6.5.0, 6.5.1, 6.6.0, 6.7.0, 6.8.0, 6.9.0, 6.9.1, 6.9.2, 6.9.3, 6.10.0, 6.11.0, 6.12.0, 6.13.0, 6.14.0, 6.15.0, 6.15.1, 6.15.2, 6.16.0, 6.17.0, 6.17.1, 6.18.0, 6.18.1, 6.18.2, 6.19.0, 6.19.1, 6.19.2, 6.20.0, 6.20.1, 6.20.2