Vulnerability Details CVE-2021-32850
jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 72.2%
CVSS Severity
CVSS v3 Score 6.1
References
- https://github.com/claviska/jquery-minicolors/commit/ef134824a7f4110ada53ea6c173111a4fa2f48f3
- https://github.com/claviska/jquery-minicolors/releases/tag/2.3.6
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MC5HV4ESLV2E23YGHNJ542QEZBH6YE2F/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDXBWA54A7D6HMR2TN5BAYNCU7HO2PUO/
- https://securitylab.github.com/advisories/GHSL-2021-1045_jQuery_MiniColors_Plugin/
- https://github.com/claviska/jquery-minicolors/commit/ef134824a7f4110ada53ea6c173111a4fa2f48f3
- https://github.com/claviska/jquery-minicolors/releases/tag/2.3.6
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MC5HV4ESLV2E23YGHNJ542QEZBH6YE2F/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDXBWA54A7D6HMR2TN5BAYNCU7HO2PUO/
- https://securitylab.github.com/advisories/GHSL-2021-1045_jQuery_MiniColors_Plugin/
Products affected by CVE-2021-32850
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:-
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.0.0
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.0.1
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.0.2
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.0.3
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.0.4
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.0.5
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.0.6
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.0
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.1
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.10
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.11
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.12
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.2
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.3
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.4
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.5
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.6
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.7
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.8
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.1.9
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.2.0
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.2.1
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.2.2
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.2.3
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.2.4
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.2.5
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.2.6
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.3.0
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.3.1
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.3.2
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.3.3
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.3.4
-
cpe:2.3:a:jquery-minicolors_project:jquery-minicolors:2.3.5