CVE-2021-33192

Summary

A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena Fuseki from version 2.0.0 to version 4.0.0 (inclusive).

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Jena FusekiApache Jena Fuseki2 2.0.0 to 4.0.0affected

Weaknesses

  • CWE-79: CWE-79, type 0 and type 2.

Workarounds

Users are advised to upgrade to Apache Jena 4.1.0 or later.

ADP Enrichment

CVE Program Container

Additional References

References