Lucene search
China National Vulnerability DatabaseCNVD-2022-06511HistoryNov 30, 2021 - 12:00 a.m.
Emoji-Button Cross-Site Scripting Vulnerability
2021-11-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
javascript
xss
url validation
i18n strings
security vulnerability
cross-site scripting
EPSS
0.001
Percentile
34.0%
Emoji-Button is a native JavaScript emoji selector. emoji-Button is vulnerable to a cross-site scripting vulnerability that stems from the lack of effective filtering and validation of URLs and i18n strings in the software for custom emoji, which could be exploited by an attacker to craft an input value that allows them to insert a “script” tag into a page and execute malicious code.
Related
veracode
veracode
Cross-site Scripting (XSS)
2021-11-29 16:45:01
cvelist
cvelist
cve
cve
CVE-2021-43785
2021-11-26 19:15:08
osv
osv
Cross-Site Scripting Vulnerability in @joeattardi/emoji-button
2021-12-01 18:29:02
CVE-2021-43785
2021-11-26 19:15:08
prion
prion
Code injection
2021-11-26 19:15:00
github
github
Cross-Site Scripting Vulnerability in @joeattardi/emoji-button
2021-12-01 18:29:02
nvd
nvd
CVE-2021-43785
2021-11-26 19:15:08