Lucene search
China National Vulnerability DatabaseCNVD-2022-58226HistoryJul 08, 2022 - 12:00 a.m.
parse-url cross-site scripting vulnerability
2022-07-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
30.2%
parse-url is an advanced url parser that supports git url. parse-url versions prior to 7.0.0 are vulnerable to a cross-site scripting vulnerability that stems from the ability to run malicious JS code using ASCII characters starting with and all special escaped characters starting with Unicode, which can be exploited to place any malicious JS code on a web page .
| CPE | Name | Operator | Version |
|---|---|---|---|
| parse-url parse-url | lt | 7.0.0 |
Related
huntr
huntr
Run malicious JS code with other kinds of encoding
2022-06-07 09:07:12
cve
cve
CVE-2022-2217
2022-06-27 11:15:08
redhatcve
redhatcve
CVE-2022-2217
2022-06-30 21:05:46
osv
osv
CVE-2022-2217
2022-06-27 11:15:08
Cross site scripting in parse-url
2022-06-28 00:01:02
nvd
nvd
CVE-2022-2217
2022-06-27 11:15:08
github
github
Cross site scripting in parse-url
2022-06-28 00:01:02
veracode
veracode
Cross-site Scripting (XSS)
2022-06-27 14:19:06
cvelist
cvelist
CVE-2022-2217 Cross-site Scripting (XSS) - Generic in ionicabizau/parse-url
2022-06-27 10:15:24
prion
prion
Cross site scripting
2022-06-27 11:15:00