Vulnerability Database
Blog
FAQ
Docs
CVE-2021-42584
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-42584
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-42584.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-42584
Published
2021-12-17T14:15:07Z
Modified
2025-01-08T13:09:47.624867Z
Severity
5.4 (Medium)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CVSS Calculator
Summary
[none]
Details
A Stored Cross Site Scripting (XSS) issue exists in Convos-Chat before 6.32.
References
https://dev696.github.io/Writeup/
https://github.com/convos-chat/convos/issues/623
https://github.com/convos-chat/convos/commit/14a3b1e98cd1a3211c0ef3d4f5ffdbc60baaca54
Affected packages
Git
/
github.com/convos-chat/convos
Affected ranges
Type
GIT
Repo
https://github.com/convos-chat/convos
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Fixed
14a3b1e98cd1a3211c0ef3d4f5ffdbc60baaca54
Fixed
14a3b1e98cd1a3211c0ef3d4f5ffdbc60baaca54
Affected versions
v0.*
v0.99.35
v0.99_21
v0.99_22
v0.99_23
v0.99_25
v0.99_26
v0.99_27
v0.99_28
v0.99_29
v0.99_30
v0.99_31
v0.99_32
v0.99_33
v0.99_34
v0.99_36
v0.99_37
v0.99_38
v0.99_39
v0.99_40
v1.*
v1.00
v1.01
v1.02
v2.*
v2.00
v3.*
v3.00
v3.01
v3.02
v3.03
v3.04
v3.05
v3.06
v3.08
v3.09
v3.10
v3.11
v3.12
v4.*
v4.00
v4.01
v4.02
v4.03
v4.04
v4.05
v4.06
v4.07
v4.08
v4.09
v4.10
v4.11
v4.12
v4.13
v4.14
v4.15
v4.16
v4.18
v4.19
v4.21
v4.22
v4.23
v4.24
v4.25
v4.26
v4.27
v4.28
v4.29
v4.30
v4.31
v4.32
v4.34
v4.35
v4.36
v4.37
v4.38
v4.39
v4.40
v4.41
v4.42
v5.*
v5.00
v5.01
v5.02
v5.03
v5.04
v5.05
v5.06
v5.07
v5.08
v5.09
v5.10
v5.11
v5.12
v5.13
v5.14
v5.15
v5.16
v5.17
v5.18
v5.19
v5.21
v5.22
v5.23
v5.24
v5.25
v5.26
v5.27
v5.28
v5.29
v5.30
v5.31
v5.32
v6.*
v6.00
v6.01
v6.02
v6.03
v6.04
v6.06
v6.07
v6.08
v6.09
v6.10
v6.11
v6.12
v6.13
v6.14
v6.15
v6.16
v6.17
v6.18
v6.19
v6.20
v6.21
v6.22
v6.23
v6.24
v6.25
v6.26
v6.27
v6.28
v6.29
v6.30
v6.31
CVE-2021-42584 - OSV