CVE-2021-34364

The Refined GitHub browser extension before 21.6.8 might allow XSS via a link in a document. NOTE: github.com sends Content-Security-Policy headers to, in general, address XSS and other concerns.
References
Link Resource
https://vuln.ryotak.me/advisories/47 Third Party Advisory
https://github.com/sindresorhus/refined-github/releases/tag/21.6.8 Release Notes Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:refined-github_project:refined-github:*:*:*:*:*:*:*:*

Information

Published : 2021-06-09 11:15

Updated : 2021-06-10 23:25


NVD link : CVE-2021-34364

Mitre link : CVE-2021-34364


JSON object : View

Products Affected

refined-github_project

  • refined-github
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')