{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T18:48:21.065","vulnerabilities":[{"cve":{"id":"CVE-2021-41086","sourceIdentifier":"security-advisories@github.com","published":"2021-09-21T21:15:07.130","lastModified":"2024-11-21T06:25:25.600","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"jsuites is an open source collection of common required javascript web components. In affected versions users are subject to cross site scripting (XSS) attacks via clipboard content. jsuites is vulnerable to DOM based XSS if the user can be tricked into copying _anything_ from a malicious and pasting it into the html editor. This is because a part of the clipboard content is directly written to `innerHTML` allowing for javascript injection and thus XSS. Users are advised to update to version 4.9.11 to resolve."},{"lang":"es","value":"jsuites es una colección de código abierto de componentes web javascript comunes necesarios. En las versiones afectadas los usuarios están sujetos a ataques de tipo cross site scripting (XSS) por medio del contenido del portapapeles. jsuites es vulnerable a un ataque de tipo XSS basado en el DOM si es posible engañar al usuario para que copie _anything_ de un malicioso y lo pegue en el editor html. Esto es debido a que una parte del contenido del portapapeles es escrita directamente en \"innerHTML\", permitiendo una inyección de javascript y, por tanto, un ataque de tipo XSS. Se recomienda a usuarios que actualicen a la versión 4.9.11 para resolverlo"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jsuites:jsuites:*:*:*:*:*:*:*:*","versionEndExcluding":"4.9.11","matchCriteriaId":"E2FCB12E-821F-4EC0-9023-7FA9BDF2528D"}]}]}],"references":[{"url":"https://github.com/jsuites/jsuites/commit/d47a6f4e143188dde2742f4cffd313e1068ad3b3","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/jsuites/jsuites/commit/fe1d3cc5e339f2f4da8ed1f9f42271fdf9cbd8d2","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/jsuites/jsuites/security/advisories/GHSA-qh7x-j4v8-qw5w","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/jsuites/jsuites/commit/d47a6f4e143188dde2742f4cffd313e1068ad3b3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/jsuites/jsuites/commit/fe1d3cc5e339f2f4da8ed1f9f42271fdf9cbd8d2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/jsuites/jsuites/security/advisories/GHSA-qh7x-j4v8-qw5w","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}