exploitDog

GHSA-chqx-rw2r-xgw8

Опубликовано: 01 мая 2024

Источник: github

Github: Не прошло ревью

CVSS3: 4.7

Описание

An issue was discovered in ViewerJS 0.5.8. A script from the component loads content via URL TAGs without properly sanitizing it. This leads to both open redirection and out-of-band resource loading.

An issue was discovered in ViewerJS 0.5.8. A script from the component loads content via URL TAGs without properly sanitizing it. This leads to both open redirection and out-of-band resource loading.

Ссылки

EPSS

Процентиль: 34%

0.00141

Низкий

4.7 Medium

CVSS3

CVE ID

Дефекты

CWE-601

Связанные уязвимости

CVE-2024-25676

CVSS3: 4.7

nvd

почти 2 года назад

An issue was discovered in ViewerJS 0.5.8. A script from the component loads content via URL TAGs without properly sanitizing it. This leads to both open redirection and out-of-band resource loading.

EPSS

Процентиль: 34%

0.00141

Низкий

4.7 Medium

CVSS3

CVE ID

Дефекты

CWE-601