OMERO.web · CVE-2021-41132
**Name of the Vulnerable Software and Affected Versions**
OMERO.web versions prior to 5.11.0
OMERO.figure versions prior to 4.4.1
**Description**
The issue arises from missing HTML escaping in various templates, combined with the use of `jQuery.html()`. This makes cross-site scripting possible when specially crafted input is provided to different fields.
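The class of defect described above, shown as an added example that is not OMERO code: a field value interpolated into markup destined for `jQuery.html()`, beside a version that escapes every interpolated value. The function names, the markup and the sample value are hypothetical and constructed for illustration.

```javascript
// Added illustration, not taken from OMERO.web or OMERO.figure.
const HTML_ESCAPES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;',
};

// Escape the characters that are significant in HTML text and quoted
// attribute values. A single pass avoids double-escaping '&'.
function escapeHtml(value) {
  const text = value == null ? '' : String(value);
  return text.replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Tagged template: the literal parts are trusted markup written by the
// developer; every interpolated value is escaped before being joined in.
function html(strings, ...values) {
  return strings.reduce(
    (out, part, i) => out + part + (i < values.length ? escapeHtml(values[i]) : ''),
    ''
  );
}

// "Before": the value reaches the markup string unescaped, so any markup
// it contains is parsed as HTML once the string is handed to jQuery.html().
function renderNameUnsafe(name) {
  return `<span class="name" title="${name}">${name}</span>`;
}

// "After": same template, but the value can only ever appear as text.
function renderNameSafe(name) {
  return html`<span class="name" title="${name}">${name}</span>`;
}

// Constructed sample field value containing HTML metacharacters.
const SAMPLE_NAME = 'plate "A" <b>1</b> & more';

function demo() {
  return {
    unsafe: renderNameUnsafe(SAMPLE_NAME),
    safe: renderNameSafe(SAMPLE_NAME),
  };
}
```

Where the inserted value never needs to carry markup, `jQuery.text()` sidesteps HTML parsing entirely and needs no escaping helper.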
**Recommendations**
For OMERO.web versions prior to 5.11.0, upgrade to version 5.11.0 or higher.
For OMERO.figure versions prior to 4.4.1, upgrade to version 4.4.1 or higher.