A vulnerability, which was classified as problematic, has been found in leanote 2.6.1. This issue affects the function define of the file public/js/plugins/history.js. The manipulation of the argument content leads to cross site scripting. The attack may be initiated remotely. The identifier of the patch is 0f9733c890077942150696dcc6d2b1482b7a0a19. It is recommended to apply a patch to fix this issue. The identifier VDB-216461 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/leanote/leanote/commit/0f9733c890077942150696dcc6d2b1482b7a0a19 | Patch |
https://vuldb.com/?ctiid.216461 | Third Party Advisory |
https://vuldb.com/?id.216461 | Third Party Advisory |
Configurations
History
29 Feb 2024, 01:33
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
16 Nov 2023, 01:33
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://vuldb.com/?ctiid.216461 - Third Party Advisory | |
CPE | cpe:2.3:a:leanote:leanote:2.6.1:*:*:*:*:*:*:* |
20 Oct 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability, which was classified as problematic, has been found in leanote 2.6.1. This issue affects the function define of the file public/js/plugins/history.js. The manipulation of the argument content leads to cross site scripting. The attack may be initiated remotely. The identifier of the patch is 0f9733c890077942150696dcc6d2b1482b7a0a19. It is recommended to apply a patch to fix this issue. The identifier VDB-216461 was assigned to this vulnerability. |
03 Mar 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability, which was classified as problematic, has been found in leanote 2.6.1. This issue affects the function define of the file public/js/plugins/history.js. The manipulation of the argument content leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 0f9733c890077942150696dcc6d2b1482b7a0a19. It is recommended to apply a patch to fix this issue. The identifier VDB-216461 was assigned to this vulnerability. | |
References |
|
27 Dec 2022, 22:47
Type | Values Removed | Values Added |
---|---|---|
References | (N/A) https://github.com/leanote/leanote/commit/0f9733c890077942150696dcc6d2b1482b7a0a19 - Patch, Third Party Advisory | |
References | (N/A) https://vuldb.com/?id.216461 - Third Party Advisory | |
CWE | CWE-74 |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
CPE | cpe:2.3:a:leanote:leanote:*:*:*:*:*:*:*:* | |
First Time |
Leanote
Leanote leanote |
21 Dec 2022, 19:23
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-21 19:15
Updated : 2024-05-17 02:03
NVD link : CVE-2021-4263
Mitre link : CVE-2021-4263
CVE.ORG link : CVE-2021-4263
JSON object : View
Products Affected
leanote
- leanote
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')