exploitDog

CVE-2014-9772

Опубликовано: 23 янв. 2017

Источник: ubuntu

Приоритет: medium

CVSS2: 4.3

CVSS3: 6.1

Описание

The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters.

Релиз	Статус	Примечание
devel	not-affected	3.17.0+dfsg1-1
esm-apps/xenial	not-affected	3.17.0+dfsg1-1
esm-infra-legacy/trusty	DNE
precise	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	2.0
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
wily	not-affected	3.17.0+dfsg1-1

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2014-9772

CVSS3: 6.1

nvd

больше 8 лет назад

The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters.

CVE-2014-9772

CVSS3: 6.1

debian

больше 8 лет назад

The validator package before 2.0.0 for Node.js allows remote attackers ...

GHSA-79mx-88w7-8f7q

CVSS3: 6.1

github

больше 6 лет назад

XSS Filter Bypass via Encoded URL in validator

4.3 Medium

CVSS2

6.1 Medium

CVSS3