{"id":"CVE-2020-19611","details":"Cross Site Scripting (XSS) in redirect module of Racktables version 0.21.2, allows an attacker to inject arbitrary web script or HTML via the op parameter.","modified":"2026-03-14T10:14:54.534573Z","published":"2021-12-07T16:15:07.190Z","references":[{"type":"WEB","url":"http://racktables.com"},{"type":"FIX","url":"https://github.com/RackTables/racktables/commit/2ce35adeaa47f60dc51875b2339725db3b23e827"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/racktables/racktables","events":[{"introduced":"0"},{"last_affected":"7654b793ebd5b34ebdd40494a48035cdbc1e7d5b"},{"fixed":"2ce35adeaa47f60dc51875b2339725db3b23e827"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.21.2"}]}}],"versions":["RackTables-0.14.10","RackTables-0.14.11","RackTables-0.14.6","RackTables-0.14.8","RackTables-0.14.9","RackTables-0.15.0","RackTables-0.16.0","RackTables-0.16.1","RackTables-0.16.2","RackTables-0.16.3","RackTables-0.16.4","RackTables-0.17.0","RackTables-0.18.0","RackTables-0.18.1","RackTables-0.18.2","RackTables-0.18.3","RackTables-0.19.0","RackTables-0.19.1","RackTables-0.19.2","RackTables-0.19.3","RackTables-0.20.0","RackTables-0.20.1","RackTables-0.20.10","RackTables-0.20.11","RackTables-0.20.12","RackTables-0.20.13","RackTables-0.20.2","RackTables-0.20.3","RackTables-0.20.4","RackTables-0.20.5","RackTables-0.20.6","RackTables-0.20.8","RackTables-0.20.9","RackTables-0.21.0","RackTables-0.21.1","RackTables-0.21.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-19611.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}