Advisory #19
| Title | remark42 cross-site scripting via locator.URL |
| CVE ID | CVE-2021-29271 |
| Vendor | Umputun |
| Affected product | remark42 |
| Affected versions | - 1.6.0 |
| Vulnerability type | CWE-79 (Cross-site Scripting) |
| Description | remark42 has a vulnerability that allows cross-site scripting via javascript: URL in locator.URL |
| Status | Fixed in 1.6.1 |
| Recommendation | Update to 1.6.1 or above |