CVE-2020-21101

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-21101
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-21101.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-21101
Published
2021-04-29T17:15:08.877Z
Modified
2025-11-14T10:56:21.911021Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Cross Site Scriptiong vulnerabilityin Screenly screenly-ose all versions, including v1.8.2 (2019-09-25-Screenly-OSE-lite.img), in the 'Add Asset' page via manipulation of a 'URL' field, which could let a remote malicious user execute arbitrary code.

References

Affected packages

Git / github.com/screenly/screenly-ose

Affected ranges

Type
GIT
Repo
https://github.com/screenly/screenly-ose
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
014bc04b11d4bebc8f4fa2430209421070e04f2c
Last affected
02543d21b5ed2f5d7c864b5a264e9e766d6fd7ac
Last affected
2b192f32574e1a3fef876ab10b21c9725e205d0b
Last affected
618864dbc056790c8f138b0da79a6a3041adbed3
Last affected
62bfe2ff477122ee97bf1b1017e94abffad52013
Last affected
6c2c2fd78099895fc3797024f926af77c16fa38d
Last affected
71526ead57c486e3e6fb1e57924bf9d1c7ff186e
Last affected
7bef4244e4ffca4a173716266e1837865a40a5dd
Last affected
7f3be71ebd00f04d117ce629b2d4af7626cc7564
Last affected
85732dd849d430cd1202f1dbdf75961ff9463f21
Last affected
8a98dc0e55cd7a98e036486dd0b50451fa824103
Last affected
8eabdfbaee4e67e537e689714a5b76000ee8f085
Last affected
8f329b0914d0ae88e6571700b0a1db1dd6cfeb90
Last affected
ed949788244749a3b701113e761dd2ab59ce3466

Affected versions

v0.*
v0.10
v0.11
v0.12
v0.12.1
v0.13
v0.14
v0.9
v0.9.1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-21101.json"