Количество 2
Количество 2
CVE-2022-25854
почти 4 года назад
This affects the package @yaireo/tagify before 4.9.8. The package is used for rendering UI components inside the input or text fields, and an attacker can pass a malicious placeholder value to it to fire the XSS payload.
CVSS3: 5.4
EPSS: Низкий
GHSA-pxpf-v376-7xx5
почти 4 года назад
tagify can pass a malicious placeholder to initiate the cross-site scripting (XSS) payload
CVSS3: 6.1
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-25854 This affects the package @yaireo/tagify before 4.9.8. The package is used for rendering UI components inside the input or text fields, and an attacker can pass a malicious placeholder value to it to fire the XSS payload. | CVSS3: 5.4 | 1% Низкий | почти 4 года назад |
| GHSA-pxpf-v376-7xx5 tagify can pass a malicious placeholder to initiate the cross-site scripting (XSS) payload | CVSS3: 6.1 | 1% Низкий | почти 4 года назад |
Уязвимостей на страницу
20