CVE-2021-33347
- Source
- https://cve.org/CVERecord?id=CVE-2021-33347
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-33347.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-33347
- Published
- 2021-06-18T11:15:08.683Z
- Modified
- 2025-11-14T11:57:15.602328Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in JPress v3.3.0 and below. There are XSS vulnerabilities in the template module and tag management module. If you log in to the background by means of weak password, the storage XSS vulnerability can occur.
- References
Affected packages
Git / github.com/jpressprojects/jpress
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jpressprojects/jpress
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
0.*
0.0.1
0.0.2
0.0.3
0.1
0.2
0.2.1
0.2.2
0.2.3
0.2.4
0.2.5
0.2.6
0.2.7
0.3.0
0.4.0
v1.*
v1.0
v1.0-beta1
v1.0-beta2
v1.0-beta3
v1.0-rc.10
v1.0-rc.3
v1.0-rc.4
v1.0-rc.5
v1.0-rc.6
v1.0-rc.7
v1.0-rc.8
v1.0-rc.9
v1.0-rc1
v1.0-rc2
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v2.*
v2.0-rc.1
v2.0-rc.2
v2.0-rc.3
v2.0-rc.4
v2.0-rc.6
v2.0-rc.7
v2.0-rc.8
v2.0-rc.9
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.7
v2.0.8
v3.*
v3.0-rc.1
v3.0.0
v3.0.0-alpha.1
v3.0.0-alpha.2
v3.0.0-beta.1
v3.0.0-beta.2
v3.0.0-rc.2
v3.0.0-rc.3
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.0.6
v3.1.0
v3.1.1
v3.2.0
v3.2.1
v3.2.2
v3.2.3
v3.2.4
v3.2.5
v3.3.0