{"schema_version": "1.6.1", "id": "CVE-2021-26558", "summary": "Deserialization of Untrusted Data", "details": "Deserialization of Untrusted Data vulnerability of Apache ShardingSphere-UI allows an attacker to inject outer link resources.  This issue affects Apache ShardingSphere-UI Apache ShardingSphere-UI version 4.1.1 and later versions; Apache ShardingSphere-UI versions prior to 5.0.0.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "4.1.1"}, {"fixed": "Apache ShardingSphere-UI*"}]}]}], "references": [{"type": "ADVISORY", "url": "https://lists.apache.org/thread/4gzkm1zb6c97v9gl8lcz8ll5xr8o484c"}]}