{"id":"CVE-2021-44266","details":"GUnet Open eClass (aka openeclass) before 3.12.2 allows XSS via the modules/auth/formuser.php auth parameter.","modified":"2026-04-10T04:41:19.992490Z","published":"2022-06-11T15:15:08.750Z","references":[{"type":"ADVISORY","url":"https://docs.openeclass.org/el/current#%CE%AD%CE%BA%CE%B4%CE%BF%CF%83%CE%B7_3122"},{"type":"ADVISORY","url":"https://emaragkos.gr/cve-2021-44266/"},{"type":"EVIDENCE","url":"https://hg.gunet.gr/openeclass/rev/e0ed11f5768d"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gunet/openeclass","events":[{"introduced":"0"},{"fixed":"1b08d6851cf105450564c66c3fa7f25ae8ec7ec9"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"3.12.2"}]}}],"versions":["Release_3.0","Release_3.10","Release_3.10.1","Release_3.10.2","Release_3.11","Release_3.11.1","Release_3.11.2","Release_3.12","Release_3.12.1","Release_3.2","Release_3.2.1","Release_3.2.2","Release_3.2.3","Release_3.3","Release_3.3.1","Release_3.3.2","Release_3.4","Release_3.4.1","Release_3.4.2","Release_3.4.3","Release_3.4.4","Release_3.6.1","Release_3.6.2","Release_3.6.3","Release_3.7","Release_3.7.1","Release_3.7.2","Release_3.8","Release_3.8.1","Release_3.8.2","Release_3.8.3","Release_3.8.4","Release_3.9","Release_3.9.1","Release_3.9.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-44266.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}