CVE-2021-33192
MEDIUMApache Jena Fuseki 2.0.0-4.0.0 - Cross-Site Scripting in HTML Pages
Title source: llmDescription
A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena Fuseki from version 2.0.0 to version 4.0.0 (inclusive).
References (1)
Core 1
Core References
Mailing List, Vendor Advisory x_refsource_misc
https://lists.apache.org/thread.html/r684d8943d755a96fe90f8cd8df196737b6bde3f2b74e15a9bd479975%40%3Cusers.jena.apache.org%3E
Scores
CVSS v3
6.1
EPSS
0.0338
EPSS Percentile
87.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (2)
apache/jena_fuseki
2.0.0 - 4.1.0
org.apache.jena/jena-fuseki
2.0.0 - 4.1.0Maven
Published
Jul 05, 2021
Tracked Since
Feb 18, 2026