Vulnerability Details CVE-2021-38193
An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.5%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2021-38193
-
cpe:2.3:a:ammonia_project:ammonia:-
-
cpe:2.3:a:ammonia_project:ammonia:0.1.0
-
cpe:2.3:a:ammonia_project:ammonia:0.1.1
-
cpe:2.3:a:ammonia_project:ammonia:0.1.2
-
cpe:2.3:a:ammonia_project:ammonia:0.1.3
-
cpe:2.3:a:ammonia_project:ammonia:0.2.0
-
cpe:2.3:a:ammonia_project:ammonia:0.3.0
-
cpe:2.3:a:ammonia_project:ammonia:0.4.0
-
cpe:2.3:a:ammonia_project:ammonia:0.5.0
-
cpe:2.3:a:ammonia_project:ammonia:0.6.0
-
cpe:2.3:a:ammonia_project:ammonia:0.6.1
-
cpe:2.3:a:ammonia_project:ammonia:0.7.0
-
cpe:2.3:a:ammonia_project:ammonia:1.0.0
-
cpe:2.3:a:ammonia_project:ammonia:1.0.1
-
cpe:2.3:a:ammonia_project:ammonia:1.1.0
-
cpe:2.3:a:ammonia_project:ammonia:1.2.0
-
cpe:2.3:a:ammonia_project:ammonia:2.0.0
-
cpe:2.3:a:ammonia_project:ammonia:2.1.0
-
cpe:2.3:a:ammonia_project:ammonia:2.1.1
-
cpe:2.3:a:ammonia_project:ammonia:2.1.2
-
cpe:2.3:a:ammonia_project:ammonia:2.1.3
-
cpe:2.3:a:ammonia_project:ammonia:3.0.0