Lucene search
SnykCVE-2022-21802HistoryJul 25, 2022 - 2:15 p.m.
CVE-2022-21802
2022-07-2514:15:10
CWE-79
snyk
web.nvd.nist.gov
50
5
cve-2022-21802
grapesjs
xss
vulnerability
nvd
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
43.4%
The package grapesjs before 0.19.5 are vulnerable to Cross-site Scripting (XSS) due to an improper sanitization of the class name in Selector Manager.
Affected configurations
Node
grapesjsgrapesjsRange<0.19.5node.js
CNA Affected
[
{
"product": "grapesjs",
"vendor": "n/a",
"versions": [
{
"lessThan": "0.19.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
osv
osv
grapesjs before 0.19.5 vulnerable to Cross-site Scripting
2022-07-26 00:01:08
CVE-2022-21802
2022-07-25 14:15:10
github
github
grapesjs before 0.19.5 vulnerable to Cross-site Scripting
2022-07-26 00:01:08
veracode
veracode
Cross-site Scripting (XSS)
2022-07-26 03:07:17
prion
prion
Cross site scripting
2022-07-25 14:15:00
cvelist
cvelist
CVE-2022-21802 Cross-site Scripting (XSS)
2022-07-25 13:45:39
nvd
nvd
CVE-2022-21802
2022-07-25 14:15:10
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
43.4%
Related for CVE-2022-21802