Advisory #47
| Title | Refined GitHub cross-site scripting via links in documents |
| CVE ID | CVE-2021-34364 |
| Vendor | Refined GitHub Maintainers |
| Affected product | Refined GitHub |
| Affected versions | - 21.6.1 |
| Vulnerability type | CWE-79 (Cross-site Scripting) |
| Description | Refined GitHub has a vulnerability that allows a malicious link to inject arbitrary HTMLs. NOTE: This vulnerability is mitigated by GitHub's strict CSP. |
| Status | Fixed in 21.6.8 |
| Recommendation | Update to 21.6.8 or above |