Опубликовано: 22 мар. 2024
Источник: github
Github: Прошло ревью
CVSS4: 5.1
CVSS3: 6.1
Описание
VvvebJs Reflected Cross-Site Scripting (XSS) vulnerability
A reflected Cross-Site Scripting (XSS) vulnerability in VvvebJs before version 1.7.5 allows remote attackers to execute arbitrary code and obtain sensitive information via the action parameter in save.php.
Пакеты
Наименование
vvvebjs
npm
Затронутые версииВерсия исправления
< 1.7.5
1.7.5
Связанные уязвимости
CVSS3: 6.1
nvd
почти 2 года назад
Reflected Cross-Site Scripting (XSS) vulnerability in VvvebJs before version 1.7.7, allows remote attackers to execute arbitrary code and obtain sensitive information via the action parameter in save.php.