Количество 3
Количество 3
CVE-2026-27902
Svelte performance oriented web framework. Prior to version 5.53.5, errors from `transformError` were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from `transformError`. Version 5.53.5 fixes the issue.
CVE-2026-27902
Svelte performance oriented web framework. Prior to version 5.53.5, errors from `transformError` were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from `transformError`. Version 5.53.5 fixes the issue.
GHSA-qgvg-pr8v-6rr3
Svelte: XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-27902 Svelte performance oriented web framework. Prior to version 5.53.5, errors from `transformError` were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from `transformError`. Version 5.53.5 fixes the issue. | CVSS3: 4.2 | 0% Низкий | около 1 месяца назад |
 | CVE-2026-27902 Svelte performance oriented web framework. Prior to version 5.53.5, errors from `transformError` were not correctly escaped prior to being embedded in the HTML output, causing potential HTML injection and XSS if attacker-controlled content is returned from `transformError`. Version 5.53.5 fixes the issue. | CVSS3: 5.4 | 0% Низкий | около 1 месяца назад |
| GHSA-qgvg-pr8v-6rr3 Svelte: XSS via HTML Comment Injection in SSR Error Boundary Hydration Markers | 0% Низкий | 29 дней назад |
Уязвимостей на страницу