vulnerability
Ubuntu: (CVE-2021-4020): janus vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:S/C:N/I:P/A:N) | Nov 27, 2021 | Jun 26, 2025 | Mar 27, 2026 |
Severity
4
CVSS
(AV:N/AC:M/Au:S/C:N/I:P/A:N)
Published
Nov 27, 2021
Added
Jun 26, 2025
Modified
Mar 27, 2026
Description
janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Solution
no-fix-ubuntu-package
References
- CVE-2021-4020
- https://attackerkb.com/topics/CVE-2021-4020
- CWE-79
- EUVD-EUVD-2021-33923
- https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-33923
- https://github.com/meetecho/janus-gateway/commit/ba166e9adebfe5343f826c6a9e02299d35414ffd
- https://github.com/meetecho/janus-gateway/commit/d3fc00ec803d6c41d8f98908732f44e7f4911a1c
- https://huntr.dev/bounties/9814baa8-7bdd-4e31-a132-d9d15653409e
- https://huntr.dev/bounties/9814baa8-7bdd-4e31-a132-d9d15653409e/
- https://www.cve.org/CVERecord?id=CVE-2021-4020
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.