NVD - CVE-2021-4243

Vulnerability Change Records for CVE-2021-4243

Change History

CVE Modified by VulDB 2/21/2023 2:15:13 AM

Action	Type	Old Value	New Value
Changed	Description	A vulnerability was found in claviska jquery-minicolors up to 2.3.5. It has been rated as problematic. Affected by this issue is some unknown functionality of the file jquery.minicolors.js. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.3.6 is able to address this issue. The name of the patch is ef134824a7f4110ada53ea6c173111a4fa2f48f3. It is recommended to upgrade the affected component. VDB-215306 is the identifier assigned to this vulnerability.	A vulnerability was found in claviska jquery-minicolors up to 2.3.5. It has been rated as problematic. Affected by this issue is some unknown functionality of the file jquery.minicolors.js. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.3.6 is able to address this issue. The name of the patch is ef134824a7f4110ada53ea6c173111a4fa2f48f3. It is recommended to upgrade the affected component. VDB-215306 is the identifier assigned to this vulnerability.
Removed	CVSS V3.1	VulDB AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Added	CVSS V3		VulDB AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Added	CVSS V2		VulDB (AV:N/AC:L/Au:S/C:N/I:P/A:N)
Removed	CWE	VulDB CWE-707
Removed	CWE	VulDB CWE-74
Added	Reference		https://codepen.io/webbiesdk/pen/oNBQNNV [No Types Assigned]
Added	Reference		https://securitylab.github.com/advisories/GHSL-2021-1045_jQuery_MiniColors_Plugin/ [No Types Assigned]
Added	Reference		https://vuldb.com/?ctiid.215306 [No Types Assigned]
Removed	CVSS V3.1 Reason	C-Information leaked appears non-critical/sensitive
Removed	CVSS V3.1 Reason	PR-No privileges needed
Removed	CVSS V3.1 Reason	S-Security boundary
Removed	CWE Reason	CWE-707 / More specific CWE option available