{"id":"CVE-2021-41317","details":"XSS Hunter Express before 2021-09-17 does not properly enforce authentication requirements for paths.","modified":"2026-04-02T07:34:43.189729Z","published":"2021-09-17T16:15:07.660Z","references":[{"type":"ADVISORY","url":"https://vuln.ryotak.me/advisories/57"},{"type":"ADVISORY","url":"https://docs.google.com/document/d/12rq4YIFZLSmZlEsq7d7hYCI1qO5xyIxA1Wrs1m4y9-4/preview"},{"type":"FIX","url":"https://github.com/mandatoryprogrammer/xsshunter-express/commit/56bb44ed9024849f64173f71583ecb7d873baba0"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mandatoryprogrammer/xsshunter-express","events":[{"introduced":"0"},{"fixed":"56bb44ed9024849f64173f71583ecb7d873baba0"}]},{"type":"GIT","repo":"https://github.com/mandatoryprogrammer/xsshunter-express","events":[{"introduced":"0"},{"fixed":"56bb44ed9024849f64173f71583ecb7d873baba0"}]}],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2021-09-17"}]},{"events":[{"introduced":"0"},{"fixed":"2021-09-17"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-41317.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}