Moderate severityNVD Advisory· Published Jan 18, 2022· Updated Aug 4, 2024
CVE-2021-44217
CVE-2021-44217
Description
In Ericsson CodeChecker through 6.18.0, a Stored Cross-site scripting (XSS) vulnerability in the comments component of the reports viewer allows remote attackers to inject arbitrary web script or HTML via the POST JSON data of the /CodeCheckerService API.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
codecheckerPyPI | < 6.18.2 | 6.18.2 |
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=6.18.0
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
11- github.com/advisories/GHSA-fxmx-pfm2-85m2ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-44217ghsaADVISORY
- codechecker-demo.eastus.cloudapp.azure.comghsaWEB
- codechecker-demo.eastus.cloudapp.azure.commitrex_refsource_MISC
- github.com/Ericsson/codechecker/commit/72ee51158e6d81150320223b85410c179b9ee2b1ghsaWEB
- github.com/Ericsson/codechecker/pull/3549ghsax_refsource_MISCWEB
- github.com/Ericsson/codechecker/releasesghsax_refsource_MISCWEB
- github.com/Ericsson/codechecker/releases/tag/v6.18.2ghsaWEB
- github.com/Hyperkopite/CVE-2021-44217/blob/main/README.mdghsax_refsource_MISCWEB
- github.com/pypa/advisory-database/tree/main/vulns/codechecker-api/PYSEC-2022-43181.yamlghsaWEB
- user-images.githubusercontent.com/9525971/142965091-e118b012-a7fc-4c2f-ad0c-80aeed6f7ec9.pngghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.