exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2024-53382

10 месяцев назад

Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.

CVSS3: 4.9

EPSS: Низкий

CVE-2024-53382

10 месяцев назад

Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.

CVSS3: 4.9

EPSS: Низкий

CVE-2024-53382

10 месяцев назад

Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.

CVSS3: 4.9

EPSS: Низкий

CVE-2024-53382

10 месяцев назад

Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resulta ...

CVSS3: 4.9

EPSS: Низкий

GHSA-x7hr-w5r2-h6wg

10 месяцев назад

PrismJS DOM Clobbering vulnerability

CVSS3: 4.9

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-53382 Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.	CVSS3: 4.9	0% Низкий	10 месяцев назад
CVE-2024-53382 Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.	CVSS3: 4.9	0% Низкий	10 месяцев назад
CVE-2024-53382 Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.	CVSS3: 4.9	0% Низкий	10 месяцев назад
CVE-2024-53382 Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resulta ...	CVSS3: 4.9	0% Низкий	10 месяцев назад
GHSA-x7hr-w5r2-h6wg PrismJS DOM Clobbering vulnerability	CVSS3: 4.9	0% Низкий	10 месяцев назад

Уязвимостей на страницу