{"id":"CVE-2021-25926","details":"In SiCKRAGE, versions 9.3.54.dev1 to 10.0.11.dev1 are vulnerable to Reflected Cross-Site-Scripting (XSS) due to user input not being validated properly in the `quicksearch` feature. Therefore, an attacker can steal a user's sessionID to masquerade as a victim user, to carry out any actions in the context of the user.","aliases":["GHSA-x823-j7c4-vpc5","PYSEC-2021-148"],"modified":"2026-04-10T04:31:09.293180Z","published":"2021-04-12T14:15:16.413Z","references":[{"type":"FIX","url":"https://github.com/SiCKRAGE/SiCKRAGE/commit/9f42426727e16609ad3d1337f6637588b8ed28e4"},{"type":"FIX","url":"https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25926%2C"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/sickrage/sickrage","events":[{"introduced":"033bac326fae46d5f8f8071c7fd3649699dc0103"},{"fixed":"d1ee4b0548d9d1a00a7361a636ea55f316bd8c61"},{"introduced":"0"},{"last_affected":"07c0210c12c341fdebab124e7df3367f12221415"},{"fixed":"9f42426727e16609ad3d1337f6637588b8ed28e4"}],"database_specific":{"versions":[{"introduced":"9.3.54"},{"fixed":"10.0.11"},{"introduced":"0"},{"last_affected":"10.0.11-dev1"}]}}],"versions":["10.0.0","10.0.0.dev10","10.0.0.dev11","10.0.0.dev12","10.0.0.dev13","10.0.0.dev14","10.0.0.dev15","10.0.0.dev16","10.0.0.dev17","10.0.0.dev18","10.0.0.dev19","10.0.0.dev2","10.0.0.dev20","10.0.0.dev21","10.0.0.dev22","10.0.0.dev23","10.0.0.dev24","10.0.0.dev25","10.0.0.dev26","10.0.0.dev27","10.0.0.dev28","10.0.0.dev29","10.0.0.dev3","10.0.0.dev30","10.0.0.dev31","10.0.0.dev33","10.0.0.dev34","10.0.0.dev35","10.0.0.dev4","10.0.0.dev5","10.0.0.dev6","10.0.0.dev7","10.0.0.dev8","10.0.0.dev9","10.0.1","10.0.1.dev1","10.0.10","10.0.10.dev1","10.0.10.dev2","10.0.11.dev1","10.0.2","10.0.2.dev1","10.0.3","10.0.3.dev1","10.0.4","10.0.4.dev1","10.0.4.dev2","10.0.4.dev3","10.0.4.dev4","10.0.5","10.0.5.dev1","10.0.6","10.0.6.dev1","10.0.7","10.0.7.dev1","10.0.7.dev2","10.0.8","10.0.8.dev1","10.0.8.dev2","10.0.8.dev3","10.0.9","10.0.9.dev1","10.0.9.dev2","4.2.0","4.2.1","4.2.2","4.2.3","4.2.4","4.2.5","6.0.22","6.0.23","6.0.24","6.0.30","6.0.45","6.0.50","6.0.52","6.0.55","6.0.56","6.0.57","6.0.58","6.0.59","7.0.0","7.0.10","7.0.12","7.0.16","7.0.17","7.0.18","7.0.2","7.0.21","7.0.22","7.0.3","7.0.5","9.3.13.dev5","9.3.18.dev1","9.3.18.dev2","9.3.18.dev3","9.3.19.dev1","9.3.19.dev2","9.3.19.dev3","9.3.20.dev1","9.3.20.dev2","9.3.20.dev3","9.3.20.dev4","9.3.20.dev5","9.3.20.dev6","9.3.21.dev1","9.3.21.dev2","9.3.21.dev3","9.3.21.dev4","9.3.22.dev1","9.3.22.dev2","9.3.22.dev3","9.3.22.dev4","9.3.23.dev1","9.3.23.dev2","9.3.27.dev1","9.3.35.dev1","9.3.35.dev2","9.3.36.dev1","9.3.56.dev1","9.3.56.dev10","9.3.56.dev11","9.3.56.dev12","9.3.56.dev13","9.3.56.dev14","9.3.56.dev15","9.3.56.dev16","9.3.56.dev17","9.3.56.dev18","9.3.56.dev19","9.3.56.dev2","9.3.56.dev20","9.3.56.dev21","9.3.56.dev22","9.3.56.dev23","9.3.56.dev24","9.3.56.dev25","9.3.56.dev26","9.3.56.dev27","9.3.56.dev28","9.3.56.dev29","9.3.56.dev3","9.3.56.dev4","9.3.56.dev5","9.3.56.dev6","9.3.56.dev7","9.3.56.dev8","9.3.56.dev9","9.3.58.dev1","9.3.58.dev2","9.3.59.dev1","9.3.59.dev2","9.3.59.dev3","9.3.60.dev1","9.3.65.dev1","9.3.65.dev2","9.3.65.dev3","9.3.66.dev1","9.3.66.dev2","9.3.70.dev1","9.3.70.dev2","9.3.72.dev1","9.3.74.dev1","9.3.79.dev1","9.3.79.dev10","9.3.79.dev2","9.3.79.dev3","9.3.79.dev4","9.3.79.dev5","9.3.79.dev6","9.3.79.dev7","9.3.79.dev8","9.3.79.dev9","9.3.80.dev1","9.3.80.dev2","9.3.80.dev3","9.3.80.dev4","9.3.80.dev5","9.3.80.dev6","9.3.81.dev1","9.3.83.dev1","9.4.100","9.4.101","9.4.102","9.4.103","9.4.104","9.4.105","9.4.106","9.4.107","9.4.108","9.4.109","9.4.110","9.4.111","9.4.113","9.4.114","9.4.115","9.4.116","9.4.117","9.4.118","9.4.119","9.4.120","9.4.122","9.4.124","9.4.129","9.4.130","9.4.131","9.4.132","9.4.133","9.4.134","9.4.135","9.4.136","9.4.137","9.4.138","9.4.139","9.4.140","9.4.141","9.4.142","9.4.143","9.4.144","9.4.145","9.4.146","9.4.147","9.4.148","9.4.149","9.4.150","9.4.151","9.4.152","9.4.153","9.4.154","9.4.155","9.4.156","9.4.157","9.4.158","9.4.159","9.4.160","9.4.161","9.4.163","9.4.164","9.4.164.dev1","9.4.164.dev2","9.4.165","9.4.165.dev1","9.4.166","9.4.166.dev1","9.4.167","9.4.167.dev1","9.4.168","9.4.168.dev1","9.4.168.dev2","9.4.169","9.4.169.dev1","9.4.169.dev2","9.4.170","9.4.171","9.4.171.dev1","9.4.172","9.4.172.dev1","9.4.173","9.4.173.dev1","9.4.174","9.4.174.dev1","9.4.175","9.4.175.dev1","9.4.176","9.4.177","9.4.178","9.4.178.dev1","9.4.178.dev10","9.4.178.dev11","9.4.178.dev12","9.4.178.dev13","9.4.178.dev14","9.4.178.dev15","9.4.178.dev16","9.4.178.dev17","9.4.178.dev2","9.4.178.dev3","9.4.178.dev4","9.4.178.dev5","9.4.178.dev6","9.4.178.dev7","9.4.178.dev8","9.4.178.dev9","9.4.179","9.4.179.dev1","9.4.180","9.4.180.dev1","9.4.181","9.4.181.dev1","9.4.182","9.4.182.dev1","9.4.182.dev2","9.4.183","9.4.183.dev1","9.4.184.dev1","9.4.184.dev5","9.4.184.dev6","9.4.184.dev7","9.4.184.dev8","9.4.184.dev9","9.4.186","9.4.186.dev2","9.4.187","9.4.187.dev1","9.4.187.dev2","9.4.187.dev3","9.4.187.dev5","9.4.188.dev1","9.4.189.dev1","9.4.190","9.4.190.dev2","9.4.191.dev1","9.4.192","9.4.192.dev3","9.4.193","9.4.193.dev2","9.4.194","9.4.194.dev1","9.4.194.dev2","9.4.194.dev3","9.4.194.dev4","9.4.194.dev5","9.4.194.dev6","9.4.195","9.4.195.dev1","9.4.196","9.4.196.dev1","9.4.200","9.4.200.dev1","9.4.200.dev10","9.4.200.dev2","9.4.200.dev3","9.4.200.dev4","9.4.200.dev5","9.4.200.dev6","9.4.200.dev7","9.4.200.dev8","9.4.200.dev9","9.4.201","9.4.201.dev1","9.4.202","9.4.202.dev1","9.4.202.dev10","9.4.202.dev11","9.4.202.dev12","9.4.202.dev13","9.4.202.dev14","9.4.202.dev15","9.4.202.dev16","9.4.202.dev17","9.4.202.dev18","9.4.202.dev19","9.4.202.dev2","9.4.202.dev20","9.4.202.dev21","9.4.202.dev22","9.4.202.dev23","9.4.202.dev24","9.4.202.dev25","9.4.202.dev26","9.4.202.dev27","9.4.202.dev28","9.4.202.dev29","9.4.202.dev3","9.4.202.dev30","9.4.202.dev31","9.4.202.dev32","9.4.202.dev33","9.4.202.dev34","9.4.202.dev35","9.4.202.dev36","9.4.202.dev4","9.4.202.dev5","9.4.202.dev6","9.4.202.dev7","9.4.202.dev8","9.4.202.dev9","9.4.203","9.4.203.dev1","9.4.205","9.4.205.dev1","9.4.205.dev2","9.4.205.dev3","9.4.205.dev4","9.4.205.dev5","9.4.206","9.4.206.dev1","9.4.207","9.4.207.dev1","9.4.207.dev2","9.4.208","9.4.208.dev1","9.4.208.dev2","9.4.208.dev3","9.4.208.dev4","9.4.208.dev5","9.4.209","9.4.209.dev1","9.4.210","9.4.210.dev1","9.4.211","9.4.211.dev1","9.4.211.dev2","9.4.212","9.4.212.dev1","9.4.212.dev10","9.4.212.dev11","9.4.212.dev12","9.4.212.dev13","9.4.212.dev14","9.4.212.dev15","9.4.212.dev16","9.4.212.dev17","9.4.212.dev18","9.4.212.dev19","9.4.212.dev2","9.4.212.dev20","9.4.212.dev21","9.4.212.dev22","9.4.212.dev23","9.4.212.dev24","9.4.212.dev25","9.4.212.dev26","9.4.212.dev28","9.4.212.dev29","9.4.212.dev3","9.4.212.dev30","9.4.212.dev31","9.4.212.dev32","9.4.212.dev33","9.4.212.dev34","9.4.212.dev35","9.4.212.dev36","9.4.212.dev37","9.4.212.dev38","9.4.212.dev39","9.4.212.dev4","9.4.212.dev40","9.4.212.dev41","9.4.212.dev42","9.4.212.dev43","9.4.212.dev44","9.4.212.dev45","9.4.212.dev46","9.4.212.dev47","9.4.212.dev48","9.4.212.dev49","9.4.212.dev5","9.4.212.dev50","9.4.212.dev51","9.4.212.dev52","9.4.212.dev6","9.4.212.dev7","9.4.212.dev8","9.4.212.dev9","9.4.213","9.4.213.dev1","9.4.214","9.4.214.dev1","9.4.214.dev2","9.4.214.dev3","9.4.214.dev4","9.4.214.dev5","9.4.214.dev6","9.4.214.dev7","9.4.215","9.4.215.dev1","9.4.216","9.4.216.dev1","9.4.216.dev2","9.4.216.dev3","9.4.216.dev4","9.4.216.dev5","9.4.216.dev6","9.4.217","9.4.217.dev1","9.4.218","9.4.218.dev1","9.4.219","9.4.219.dev1","9.4.219.dev2","9.4.219.dev3","9.4.219.dev4","9.4.219.dev5","9.4.219.dev6","9.4.220","9.4.220.dev1","9.4.221","9.4.221.dev1","9.4.222","9.4.222.dev1","9.4.223","9.4.223.dev1","9.4.224.dev1","9.4.224.dev2","9.4.224.dev3","9.4.224.dev4","9.4.224.dev5","9.4.224.dev6","9.4.224.dev7","9.4.224.dev8","9.4.224.dev9","9.4.29.dev1","9.4.29.dev2","9.4.30.dev1","9.4.31.dev1","9.4.31.dev2","9.4.31.dev3","9.4.31.dev4","9.4.31.dev5","9.4.36.dev1","9.4.36.dev2","9.4.36.dev3","9.4.41.dev1","9.4.48.dev1","9.4.48.dev2","9.4.48.dev3","9.4.48.dev4","9.4.48.dev5","9.4.48.dev6","9.4.48.dev7","9.4.48.dev8","9.4.48.dev9","9.4.56.dev1","9.4.56.dev2","9.4.56.dev3","9.4.56.dev4","9.4.56.dev5","9.4.58.dev1","9.4.59.dev1","9.4.59.dev3","9.4.62.dev1","9.4.69.dev1","9.4.70.dev1","9.4.74.dev1","9.4.74.dev2","9.4.85","9.4.86","9.4.87","9.4.88","9.4.89","9.4.90","9.4.91","9.4.92","9.4.93","9.4.94","9.4.95","9.4.96","9.4.97","9.4.98","9.4.99","show","v3.0.0","v3.1.0","v3.2.0","v3.2.1","v3.3.3","v3.9.2","v4.0.1","v4.0.10","v4.0.11","v4.0.12","v4.0.13","v4.0.14","v4.0.15","v4.0.16","v4.0.17","v4.0.18","v4.0.19","v4.0.20","v4.0.21","v4.0.22","v4.0.23","v4.0.24","v4.0.25","v4.0.26","v4.0.27","v4.0.28","v4.0.29","v4.0.30","v4.0.31","v4.0.32","v4.0.33","v4.0.34","v4.0.35","v4.0.36","v4.0.37","v4.0.38","v4.0.39","v4.0.40","v4.0.41","v4.0.42","v4.0.43","v4.0.44","v4.0.45","v4.0.46","v4.0.47","v4.0.49","v4.0.50","v4.0.51","v4.0.52","v4.0.53","v4.0.54","v4.0.55","v4.0.56","v4.0.57","v4.0.58","v4.0.59","v4.0.60","v4.0.61","v4.0.62","v4.0.63","v4.0.64","v4.0.65","v4.0.66","v4.0.67","v4.0.68","v4.0.69","v4.0.69.1","v4.0.7","v4.0.70","v4.0.71","v4.0.72","v4.0.73","v4.0.73.1","v4.0.74","v4.0.74.1","v4.0.75","v4.0.75.1","v4.0.75.2","v4.0.75.3","v4.0.75.4","v4.0.75.5","v4.0.75.6","v4.0.75.7","v4.0.76","v4.0.76.1","v4.0.76.2","v4.0.8","v4.0.9","v4.1.0","v4.1.0.1","v4.1.0.2","v8.0.0","v8.0.11","v8.0.3","v8.0.4","v8.0.6","v8.0.7","v8.0.8","v8.0.9","v8.1.0","v8.1.1","v8.1.2","v8.1.3","v8.1.4","v8.1.5","v8.1.6","v8.5.0","v8.5.1","v8.5.2","v8.5.3","v8.5.4","v8.5.6","v8.5.8","v8.6.1","v8.6.4","v8.6.5","v8.6.6","v8.6.7","v8.6.8","v8.6.9","v8.7.0","v8.7.1","v8.7.2","v8.7.3","v8.7.4","v8.7.5","v8.7.6","v8.7.7","v8.7.8","v8.7.9","v8.8.0","v8.8.1","v8.8.2","v8.8.3","v8.8.4","v9.0.11","v9.0.14","v9.0.16","v9.0.17","v9.0.18","v9.0.19","v9.0.20","v9.0.21","v9.0.22","v9.0.23","v9.0.24","v9.0.25","v9.0.26","v9.0.28","v9.0.29","v9.0.31","v9.0.32","v9.0.33","v9.0.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25926.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}