Cross-site scripting in Apache Jena Fuseki
Moderate severity
GitHub Reviewed
Published
Aug 13, 2021
to the GitHub Advisory Database
•
Updated Feb 1, 2023
Package
Affected versions
>= 2.0.0, <= 4.0.0
Patched versions
4.1.0
Description
Published by the National Vulnerability Database
Jul 5, 2021
Reviewed
Jul 6, 2021
Published to the GitHub Advisory Database
Aug 13, 2021
Last updated
Feb 1, 2023
A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena Fuseki from version 2.0.0 to version 4.0.0 (inclusive).
References