CVE-2021-41791

Source
https://cve.org/CVERecord?id=CVE-2021-41791
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-41791.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-41791
Published
2021-10-21T09:15:08.867Z
Modified
2026-05-28T04:07:08.348601547Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in Hyland org.alfresco:share through 7.0.0.2 and org.alfresco:community-share through 7.0. The XSS filter used for HTML input validation in the Alfresco Share user interface can be evaded, which leads to stored XSS: markup that gets past the filter is saved and later rendered in the browser of a user who views the affected content. Exploitation requires an attacker who already has privileges on the content collaboration features.

Database specific
{
    "unresolved_ranges": [
        {
            "cpes": [
                "cpe:2.3:a:alfresco:share:*:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "5.0.0.0"
                },
                {
                    "last_affected": "5.2.7.11"
                },
                {
                    "introduced": "5.0.0.0"
                },
                {
                    "last_affected": "5.2.7.11"
                }
            ],
            "source": "CPE_RANGE",
            "vendor_product": "alfresco:share"
        }
    ]
}
References

Affected packages

Git
github.com/alfresco/acs-packaging

Affected ranges

Type
GIT
Repo
https://github.com/alfresco/acs-packaging
Events
Database specific
{
    "cpe": [
        "cpe:2.3:a:alfresco:community_share:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:alfresco:share:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:alfresco:share:7.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:alfresco:share:7.0.0.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:alfresco:share:7.0.0.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:alfresco:share:7.0.1:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "6.0.1.0"
        },
        {
            "last_affected": "6.0.1.2"
        },
        {
            "introduced": "6.0.2.0"
        },
        {
            "last_affected": "6.2.2.4"
        },
        {
            "introduced": "6.1.1.0"
        },
        {
            "last_affected": "6.1.1.2"
        },
        {
            "last_affected": "7.0.0.1"
        },
        {
            "last_affected": "7.0.0.2"
        },
        {
            "last_affected": "7.0.1"
        }
    ],
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ]
}

Affected versions

6.*
6.2.2.4
7.*
7.0.0
7.0.0-A11
7.0.0-A12
7.0.0-A13
7.0.0-A14
7.0.0-A15
7.0.0-A16
7.0.0-A17
7.0.0-A20
7.0.0-A22
7.0.0-A23
7.0.0-A24
7.0.0-A25
7.0.0-A26
7.0.0-A27
7.0.0-A28
7.0.0-A29
7.0.0-A30
7.0.0-A9
7.0.0-M3
7.0.0.1
7.0.1
7.0.1-A1
7.0.1-A4
7.0.1-A5
7.0.1-A6
acs-packaging-6.*
acs-packaging-6.0.0
acs-packaging-6.0.0-EA1
acs-packaging-6.0.0-RC1
acs-packaging-6.0.0-RC2
acs-packaging-6.0.0-RC3
acs-packaging-6.0.0-RC4
acs-packaging-6.0.0-RC5
acs-packaging-6.0.0-RC6
acs-packaging-6.0.0-testRC3
acs-packaging-6.0.0-testRc4
acs-packaging-6.0.0-testRc6
acs-packaging-6.0.0-testRc7
acs-packaging-6.0.1
acs-packaging-6.0.1.1
acs-packaging-6.0.1.1-RC1
acs-packaging-6.0.1.2
acs-packaging-6.1.0-A1
acs-packaging-6.1.0-A2
acs-packaging-6.1.0-EA1
acs-packaging-6.1.0-EA2
acs-packaging-6.1.0-EA3
acs-packaging-6.1.0-RC2
acs-packaging-6.1.1
acs-packaging-6.1.1-RC1
acs-packaging-6.1.1-RC2
acs-packaging-6.1.1-RC3
acs-packaging-6.1.1.1
acs-packaging-6.1.1.2
acs-packaging-6.2.0-A1
acs-packaging-6.2.0-A2
acs-packaging-6.2.0-A3
acs-packaging-6.2.0-A4
acs-packaging-6.2.0-A5
acs-packaging-6.2.0-A6
acs-packaging-6.2.0-A7
acs-packaging-6.2.0-A8
acs-packaging-6.2.0-RC1
acs-packaging-6.2.0-RC2
acs-packaging-6.2.0-RC3
acs-packaging-6.2.1-A1
acs-packaging-6.2.1-A2
acs-packaging-6.2.1-A3
acs-packaging-6.2.1-A4
acs-packaging-6.2.1-RC1
acs-packaging-6.2.1-RC2
acs-packaging-6.2.1-RC3
acs-packaging-6.2.1-RC4
acs-packaging-6.2.1-RC5
acs-packaging-6.2.1-RC6
acs-packaging-6.2.2
acs-packaging-6.2.2-A1
acs-packaging-6.2.2-A2
acs-packaging-6.2.2-RC1
acs-packaging-6.2.2.1
acs-packaging-6.2.2.2
acs-packaging-6.3.0-A1
acs-packaging-6.3.0-A10
acs-packaging-6.3.0-A11
acs-packaging-6.3.0-A3
acs-packaging-6.3.0-A4
acs-packaging-6.3.0-A5
acs-packaging-6.3.0-A7
acs-packaging-6.3.0-A8
acs-packaging-6.3.0-A9
acs-packaging-7.*
acs-packaging-7.0.0-A1
acs-packaging-7.0.0-A2
acs-packaging-7.0.0-A3
acs-packaging-7.0.0-A4
acs-packaging-7.0.0-A5
acs-packaging-7.0.0-A6
acs-packaging-7.0.0-A7
acs-packaging-7.0.0-A8
acs-packaging-7.0.0-M1
acs-packaging-7.0.0-M2

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-41791.json"
github.com/alfresco/alfresco-community-share

Affected ranges

Type
GIT
Repo
https://github.com/alfresco/alfresco-community-share
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "cpe": "cpe:2.3:a:alfresco:community_share:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        }
    ],
    "source": "CPE_RANGE"
}

Affected versions

alfresco-share-parent-7.*
alfresco-share-parent-7.0.0
alfresco-share-parent-7.0.0-A10
alfresco-share-parent-7.0.0-A11
alfresco-share-parent-7.0.0-A12
alfresco-share-parent-7.0.0-A13
alfresco-share-parent-7.0.0-A14
alfresco-share-parent-7.0.0-A4
alfresco-share-parent-7.0.0-A5
alfresco-share-parent-7.0.0-A6
alfresco-share-parent-7.0.0-A7
alfresco-share-parent-7.0.0-A8
alfresco-share-parent-7.0.0-M3

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-41791.json"
github.com/alfresco/share

Affected ranges

Type
GIT
Repo
https://github.com/alfresco/share
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected
Last affected
Database specific
{
    "cpe": [
        "cpe:2.3:a:alfresco:share:7.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:alfresco:share:7.0.0.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:alfresco:share:7.0.0.2:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "last_affected": "7.0.0.1"
        },
        {
            "last_affected": "7.0.0.2"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

alfresco-share-parent-6.*
alfresco-share-parent-6.0
alfresco-share-parent-6.0.0-rc1
alfresco-share-parent-6.0.0-rc2
alfresco-share-parent-6.0.0-rc3
alfresco-share-parent-6.0.0-rc4
alfresco-share-parent-6.0.0-rc5
alfresco-share-parent-6.0.0-rc6
alfresco-share-parent-6.0.a
alfresco-share-parent-6.0.b
alfresco-share-parent-6.0.c
alfresco-share-parent-6.1.0-A1
alfresco-share-parent-6.1.0-A4
alfresco-share-parent-6.1.0-A5
alfresco-share-parent-6.1.0-RC1
alfresco-share-parent-6.1.0-RC2
alfresco-share-parent-6.1.0-RC3
alfresco-share-parent-6.2.1-A1
alfresco-share-parent-6.2.1-A2
alfresco-share-parent-6.2.1-A3
alfresco-share-parent-6.2.1-A4
alfresco-share-parent-7.*
alfresco-share-parent-7.0.0
alfresco-share-parent-7.0.0-A1
alfresco-share-parent-7.0.0-A10
alfresco-share-parent-7.0.0-A11
alfresco-share-parent-7.0.0-A12
alfresco-share-parent-7.0.0-A13
alfresco-share-parent-7.0.0-A14
alfresco-share-parent-7.0.0-A2
alfresco-share-parent-7.0.0-A4
alfresco-share-parent-7.0.0-A5
alfresco-share-parent-7.0.0-A6
alfresco-share-parent-7.0.0-A7
alfresco-share-parent-7.0.0-A8
alfresco-share-parent-7.0.0-M1
alfresco-share-parent-7.0.0-M2
alfresco-share-parent-7.0.0-M3

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-41791.json"