Описание
All versions of package x-data-spreadsheet are vulnerable to Cross-site Scripting (XSS) due to missing sanitization of values inserted into the cells.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:x-data-spreadsheet_project:x-data-spreadsheet:*:*:*:*:*:node.js:*:*
EPSS
Процентиль: 60%
0.00394
Низкий
5.4 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
больше 3 лет назад
x-data-spreadsheet through 1.1.9 vulnerable to Cross-site Scripting
EPSS
Процентиль: 60%
0.00394
Низкий
5.4 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79