CVE-2021-4291

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-4291

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-4291.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-4291

Published

2022-12-27T23:15:10.677Z

Modified

2025-11-14T12:32:52.347687Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability was found in OpenMRS Admin UI Module up to 1.5.x. It has been declared as problematic. This vulnerability affects unknown code of the file omod/src/main/webapp/pages/metadata/locations/location.gsp. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.6.0 is able to address this issue. The name of the patch is a7eefb5f69f6c50a3bffcb138bb8ea57cb41a9b6. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216916.

References

Affected packages

Git / github.com/openmrs/openmrs-module-adminui

Affected ranges

Type: GIT
Repo: https://github.com/openmrs/openmrs-module-adminui
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

a7eefb5f69f6c50a3bffcb138bb8ea57cb41a9b6

Fixed

e3b64a7dd396dc2a0f2aee4531f3c4e7721ff796

Affected versions

1.*

1.0

1.1

1.2

1.2.1

1.2.2

1.2.3

1.2.4

1.2.5

1.3.0

1.4.0

1.5.0