Lucene search
GoogleCVE-2023-3481HistoryAug 21, 2023 - 11:15 a.m.
CVE-2023-3481
2023-08-2111:15:07
CWE-116
CWE-80
CWE-79
Google
web.nvd.nist.gov
36
critters
xss
bug fix
upgrade
security advisory
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
26.5%
Critters versions 0.0.17-0.0.19 have an issue when parsing the HTML, which leads to a potential cross-site scripting (XSS) bug. We recommend upgrading to version 0.0.20 of the extension.
Affected configurations
Node
googlecrittersRange0.0.17–0.0.19
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Critters",
"vendor": "Google Chrome Labs",
"versions": [
{
"lessThan": "0.0.19",
"status": "affected",
"version": "0.0.17",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
CVE-2023-3481 XSS in Chrome Lab Critters
2023-08-21 10:04:23
github
github
Critters Cross-site Scripting Vulnerability
2023-08-11 18:57:53
nvd
nvd
CVE-2023-3481
2023-08-21 11:15:07
prion
prion
Cross site scripting
2023-08-21 11:15:00
osv
osv
Critters Cross-site Scripting Vulnerability
2023-08-11 18:57:53
veracode
veracode
Cross-site Scripting (XSS)
2023-08-10 09:58:24
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
26.5%
Related for CVE-2023-3481