Medium severity6.1NVD Advisory· Published Feb 21, 2023· Updated Jun 17, 2026
CVE-2021-32858
CVE-2021-32858
Description
esdoc-publish-html-plugin is a plugin for the document maintenance software ESDoc. TheHTML sanitizer in esdoc-publish-html-plugin 1.1.2 and prior can be bypassed which may lead to cross-site scripting (XSS) issues. There are no known patches for this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <=1.1.2
<=1.1.2+ 1 more
- (no CPE)range: <=1.1.2
- (no CPE)range: 1.1.2
Patches
Vulnerability mechanics
References
2- github.com/esdoc/esdoc-plugins/blob/2de5022baa569785a189056a99acd1d7ca8284b7/esdoc-publish-html-plugin/src/Builder/util.jsnvdPatchThird Party Advisory
- securitylab.github.com/advisories/GHSL-2021-1034_esdoc-publish-html-plugin/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.