CVE-2021-23445

Опубликовано: 27 сент. 2021

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 3.1

Описание

This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	needs-triage
esm-apps/bionic	needs-triage
esm-apps/focal	needs-triage
esm-apps/jammy	needs-triage
esm-apps/noble	needs-triage
esm-apps/xenial	needs-triage
esm-infra-legacy/trusty	DNE
focal	ignored	end of standard support, was needs-triage
hirsute	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 55%

0.00327

Низкий

4.3 Medium

CVSS2

3.1 Low

CVSS3

Связанные уязвимости

CVE-2021-23445

CVSS3: 6.1

redhat

больше 4 лет назад

This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.

CVE-2021-23445

CVSS3: 3.1

nvd

больше 4 лет назад

This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.

CVE-2021-23445

msrc

около 1 месяца назад

Cross-site Scripting (XSS)

CVE-2021-23445

CVSS3: 3.1

debian

больше 4 лет назад

This affects the package datatables.net before 1.11.3. If an array is ...

GHSA-h73q-5wmj-q8pj

CVSS3: 6.1

github

больше 4 лет назад

Cross site scripting in datatables.net

EPSS

Процентиль: 55%

0.00327

Низкий

4.3 Medium

CVSS2

3.1 Low

CVSS3

CVE-2021-23445

Описание

Пакет datatables.js

Ссылки на источники

Связанные уязвимости