CVE-2021-44543

EPSS 0.8%CWE-79

An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encode the template name when Privoxy is configured to servce the user-manual itself.

Affected products

n/a · privoxy

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.privoxy.org/3.0.33/user-manual/whatsnew.html%2C https://www.privoxy.org/gitweb/?p=privoxy.git%3Ba=commit%3Bh=0e668e9409c