exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2016-10537

больше 7 лет назад

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the `Model#Escape` function of backbone 0.3.3 and earlier, if a user is able to supply input. This is due to the regex that's replacing things to miss the conversion of things such as `<` to `<`.

CVSS3: 5.4

EPSS: Низкий

CVE-2016-10537

больше 7 лет назад

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the `Model#Escape` function of backbone 0.3.3 and earlier, if a user is able to supply input. This is due to the regex that's replacing things to miss the conversion of things such as `<` to `<`.

CVSS3: 5.4

EPSS: Низкий

CVE-2016-10537

больше 7 лет назад

backbone is a module that adds in structure to a JavaScript heavy appl ...

CVSS3: 5.4

EPSS: Низкий

GHSA-j6p2-cx3w-6jcp

почти 7 лет назад

Cross-Site Scripting in backbone

CVSS3: 5.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2016-10537 backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the `Model#Escape` function of backbone 0.3.3 and earlier, if a user is able to supply input. This is due to the regex that's replacing things to miss the conversion of things such as `<` to `<`.	CVSS3: 5.4	0% Низкий	больше 7 лет назад
CVE-2016-10537 backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the `Model#Escape` function of backbone 0.3.3 and earlier, if a user is able to supply input. This is due to the regex that's replacing things to miss the conversion of things such as `<` to `<`.	CVSS3: 5.4	0% Низкий	больше 7 лет назад
CVE-2016-10537 backbone is a module that adds in structure to a JavaScript heavy appl ...	CVSS3: 5.4	0% Низкий	больше 7 лет назад
GHSA-j6p2-cx3w-6jcp Cross-Site Scripting in backbone	CVSS3: 5.4	0% Низкий	почти 7 лет назад

Уязвимостей на страницу