CVE-2021-43827 (GCVE-0-2021-43827)
Vulnerability from cvelistv5 – Published: 2021-12-14 22:20 – Updated: 2024-08-04 04:03
VLAI?
Title
Inline footnotes wrapped in <a> tags can cause errors in discourse-footnotes
Summary
discourse-footnote is a library providing footnotes for posts in Discourse. ### Impact When posting an inline footnote wrapped in `<a>` tags (e.g. `<a>^[footnote]</a>`, the resulting rendered HTML would include a nested `<a>`, which is stripped by Nokogiri because it is not valid. This then caused a javascript error on topic pages because we were looking for an `<a>` element inside the footnote reference span and getting its ID, and because it did not exist we got a null reference error in javascript. Users are advised to update to version 0.2. As a workaround editing offending posts from the rails console or the database console for self-hosters, or disabling the plugin in the admin panel can mitigate this issue.
Severity ?
4.3 (Medium)
CWE
- CWE-755 - Improper Handling of Exceptional Conditions
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| discourse | discourse-footnote |
Affected:
< 0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:03:08.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/discourse/discourse-footnote/security/advisories/GHSA-58vr-c56v-qr57"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/discourse/discourse-footnote/commit/796617e0131277011207541313522cd1946661ab"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "discourse-footnote",
"vendor": "discourse",
"versions": [
{
"status": "affected",
"version": "\u003c 0.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "discourse-footnote is a library providing footnotes for posts in Discourse. ### Impact When posting an inline footnote wrapped in `\u003ca\u003e` tags (e.g. `\u003ca\u003e^[footnote]\u003c/a\u003e`, the resulting rendered HTML would include a nested `\u003ca\u003e`, which is stripped by Nokogiri because it is not valid. This then caused a javascript error on topic pages because we were looking for an `\u003ca\u003e` element inside the footnote reference span and getting its ID, and because it did not exist we got a null reference error in javascript. Users are advised to update to version 0.2. As a workaround editing offending posts from the rails console or the database console for self-hosters, or disabling the plugin in the admin panel can mitigate this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755: Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-14T22:20:09.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/discourse/discourse-footnote/security/advisories/GHSA-58vr-c56v-qr57"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/discourse/discourse-footnote/commit/796617e0131277011207541313522cd1946661ab"
}
],
"source": {
"advisory": "GHSA-58vr-c56v-qr57",
"discovery": "UNKNOWN"
},
"title": "Inline footnotes wrapped in \u003ca\u003e tags can cause errors in discourse-footnotes",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-43827",
"STATE": "PUBLIC",
"TITLE": "Inline footnotes wrapped in \u003ca\u003e tags can cause errors in discourse-footnotes"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "discourse-footnote",
"version": {
"version_data": [
{
"version_value": "\u003c 0.2"
}
]
}
}
]
},
"vendor_name": "discourse"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "discourse-footnote is a library providing footnotes for posts in Discourse. ### Impact When posting an inline footnote wrapped in `\u003ca\u003e` tags (e.g. `\u003ca\u003e^[footnote]\u003c/a\u003e`, the resulting rendered HTML would include a nested `\u003ca\u003e`, which is stripped by Nokogiri because it is not valid. This then caused a javascript error on topic pages because we were looking for an `\u003ca\u003e` element inside the footnote reference span and getting its ID, and because it did not exist we got a null reference error in javascript. Users are advised to update to version 0.2. As a workaround editing offending posts from the rails console or the database console for self-hosters, or disabling the plugin in the admin panel can mitigate this issue."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755: Improper Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/discourse/discourse-footnote/security/advisories/GHSA-58vr-c56v-qr57",
"refsource": "CONFIRM",
"url": "https://github.com/discourse/discourse-footnote/security/advisories/GHSA-58vr-c56v-qr57"
},
{
"name": "https://github.com/discourse/discourse-footnote/commit/796617e0131277011207541313522cd1946661ab",
"refsource": "MISC",
"url": "https://github.com/discourse/discourse-footnote/commit/796617e0131277011207541313522cd1946661ab"
}
]
},
"source": {
"advisory": "GHSA-58vr-c56v-qr57",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-43827",
"datePublished": "2021-12-14T22:20:09.000Z",
"dateReserved": "2021-11-16T00:00:00.000Z",
"dateUpdated": "2024-08-04T04:03:08.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2021-43827",
"date": "2026-04-28",
"epss": "0.00281",
"percentile": "0.51406"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-43827\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2021-12-14T23:15:08.020\",\"lastModified\":\"2024-11-21T06:29:52.763\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"discourse-footnote is a library providing footnotes for posts in Discourse. ### Impact When posting an inline footnote wrapped in `\u003ca\u003e` tags (e.g. `\u003ca\u003e^[footnote]\u003c/a\u003e`, the resulting rendered HTML would include a nested `\u003ca\u003e`, which is stripped by Nokogiri because it is not valid. This then caused a javascript error on topic pages because we were looking for an `\u003ca\u003e` element inside the footnote reference span and getting its ID, and because it did not exist we got a null reference error in javascript. Users are advised to update to version 0.2. As a workaround editing offending posts from the rails console or the database console for self-hosters, or disabling the plugin in the admin panel can mitigate this issue.\"},{\"lang\":\"es\",\"value\":\"discourse-footnote es una biblioteca que proporciona notas a pie de p\u00e1gina para los mensajes en Discourse. ### Impacto Cuando es publicada una nota al pie de p\u00e1gina en l\u00ednea envuelta en etiquetas \\\"(a)\\\" (por ejemplo, \\\"(a)^[footnote](/a)\\\", el HTML resultante incluye un \\\"(a)\\\" anidado, que es eliminado por Nokogiri porque no es v\u00e1lido. Esto causaba un error de javascript en las p\u00e1ginas de los temas porque busc\u00e1bamos un elemento \\\"(a)\\\" dentro del span de referencia de la nota al pie y obten\u00edamos su ID, y como no se presentaba obten\u00edamos un error de referencia null en javascript. Es recomendado a usuarios que actualicen a la versi\u00f3n 0.2. Como soluci\u00f3n a este problema, pueden editarse las entradas en cuesti\u00f3n desde la consola de rails o la consola de la base de datos en el caso de los auto alojados, o deshabilitar el plugin en el panel de administraci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:N/I:N/A:P\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-755\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:discourse:discourse_footnote:*:*:*:*:*:discourse:*:*\",\"versionEndExcluding\":\"0.2\",\"matchCriteriaId\":\"08855F99-016D-4D36-A462-6D60CB5C970F\"}]}]}],\"references\":[{\"url\":\"https://github.com/discourse/discourse-footnote/commit/796617e0131277011207541313522cd1946661ab\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/discourse/discourse-footnote/security/advisories/GHSA-58vr-c56v-qr57\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/discourse/discourse-footnote/commit/796617e0131277011207541313522cd1946661ab\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/discourse/discourse-footnote/security/advisories/GHSA-58vr-c56v-qr57\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…