{"id":"CVE-2021-26716","details":"Modules/input/Views/schedule.php in Emoncms through 10.2.7 allows XSS via the node parameter.","modified":"2026-04-12T00:09:30.693638Z","published":"2021-02-21T06:15:12.257Z","references":[{"type":"EVIDENCE","url":"https://github.com/emoncms/emoncms/issues/1652"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/emoncms/emoncms","events":[{"introduced":"0"},{"last_affected":"1a5aee34ce1cdcd47c1fe85c47e8d28a3c7d22dd"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"10.2.7"}],"source":"CPE_FIELD","cpe":"cpe:2.3:a:openenergymonitor:emoncms:*:*:*:*:*:*:*:*"}}],"versions":["10.1.10","10.1.11","10.1.4","10.1.7","10.1.8","10.1.9","10.2.0","10.2.1","10.2.2","10.2.3","10.2.4","10.2.5","10.2.7","8.0","8.0.1","8.0.2","8.0.3","8.0.4","8.0.5","8.0.6","8.0.7","8.0.8","8.0.9","8.1.0","8.1.1","8.1.2","8.2","8.2.1","8.2.3","8.2.5","8.2.6","8.2.7","8.3.0","8.3.1","8.5.2","9.8.15","9.8.15.stable","9.8.16","9.8.18","9.8.24","debian/8.0-1","v5.0","v6.0","v6.9","v7.0","v8.3.2","v8.3.3","v8.3.4","v8.3.6","v8.4.0","v9.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-26716.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}