CVE-2021-44543
Summary
| CVE | CVE-2021-44543 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-12-23 20:15:00 UTC |
| Updated | 2023-11-07 03:39:00 UTC |
| Description | An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encode the template name when Privoxy is configured to servce the user-manual itself. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 404 Not Found | www.privoxy.org | ||
| www.privoxy.org Git | www.privoxy.org | ||
| www.privoxy.org Git - privoxy.git/commit | MISC | www.privoxy.org | |
| 404 Not Found | MISC | www.privoxy.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 178937 Debian Security Update for privoxy (DLA 2844-1)
- 179716 Debian Security Update for privoxy (CVE-2021-44543)
- 199134 Ubuntu Security Notification for Privoxy Vulnerabilities (USN-5826-1)
- 296062 Oracle Solaris 11.4 Support Repository Update (SRU) 43.113.3 Missing (CPUJAN2022)
- 500551 Alpine Linux Security Update for privoxy
- 504320 Alpine Linux Security Update for privoxy
- 690748 Free Berkeley Software Distribution (FreeBSD) Security Update for privoxy (897e1962-5d5a-11ec-a3ed-040e3c3cf7e7)
- 751572 OpenSUSE Security Update for privoxy (openSUSE-SU-2021:1646-1)