Moderate severityNVD Advisory· Published Feb 5, 2021· Updated Aug 3, 2024
CVE-2021-26722
CVE-2021-26722
Description
LinkedIn Oncall through 1.4.0 allows reflected XSS via /query because of mishandling of the "No results found for" message in the search bar.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
oncallPyPI | < 1.4.1 | 1.4.1 |
Affected products
2- LinkedIn/Oncalldescription
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
6- github.com/advisories/GHSA-rfw2-x9f8-2f6mghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-26722ghsaADVISORY
- github.com/linkedin/oncall/commit/843bc106a1c1b1699e9e52b6b0d01c7efe1d6225ghsaWEB
- github.com/linkedin/oncall/issues/341ghsax_refsource_MISCWEB
- github.com/pypa/advisory-database/tree/main/vulns/oncall/PYSEC-2021-33.yamlghsaWEB
- pypi.org/project/oncallghsaWEB
News mentions
0No linked articles in our index yet.