CVE-2021-23648

Опубликовано: 16 мар. 2022

Источник: debian

Описание

The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.

Пакет	Статус	Версия исправления	Релиз	Тип
node-mermaid	fixed	8.14.0+~cs11.4.14-1		package
node-mermaid	fixed	8.7.0+ds+~cs27.17.17-3+deb11u1	bullseye	package

CVE-2021-23648

CVSS3: 5.4

ubuntu

больше 3 лет назад

The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.

CVE-2021-23648

CVSS3: 5.4

redhat

больше 3 лет назад

The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.

CVE-2021-23648

CVSS3: 5.4

nvd

больше 3 лет назад

The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.

GHSA-hqq7-2q2v-82xq

CVSS3: 5.4

github

больше 3 лет назад

Cross-site Scripting in sanitize-url

RLSA-2022:8057

rocky

больше 2 лет назад

Important: grafana security, bug fix, and enhancement update