Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistHackeroneCVELIST:CVE-2017-16010
HistoryMay 29, 2018 - 8:00 p.m.

CVE-2017-16010

2018-05-2920:00:00
CWE-79
hackerone
www.cve.org
3

EPSS

0.001

Percentile

41.5%

JSON

i18next is a language translation framework. When using the .init method, passing interpolation options without passing an escapeValue will default to undefined rather than the assumed true. This can result in a cross-site scripting vulnerability because user input is assumed to be escaped, but is not. This vulnerability affects i18next 2.0.0 and later.

CNA Affected

[
  {
    "product": "i18next node module",
    "vendor": "HackerOne",
    "versions": [
      {
        "status": "affected",
        "version": ">=2.0.0 <=3.4.3"
      }
    ]
  }
]

Related

osv 2
veracode 1
nvd 1
ubuntucve 1
nodejs 1
debiancve 1
cve 1
prion 1
github 1
osv
osv
CVE-2017-16010
2018-05-29 20:29:02
Cross-Site Scripting in i18next
2018-07-24 19:58:33
veracode
veracode
Cross-site Scripting (XSS)
2017-03-28 08:38:54
nvd
nvd
CVE-2017-16010
2018-05-29 20:29:02
ubuntucve
ubuntucve
CVE-2017-16010
2018-05-29 00:00:00
nodejs
nodejs
Cross-Site Scripting
2017-03-14 21:42:04
debiancve
debiancve
CVE-2017-16010
2018-05-29 20:29:02
cve
cve
CVE-2017-16010
2018-05-29 20:29:02
prion
prion
Cross site scripting
2018-05-29 20:29:00
github
github
Cross-Site Scripting in i18next
2018-07-24 19:58:33

EPSS

0.001

Percentile

41.5%

JSON
Related for CVELIST:CVE-2017-16010
osv2veracode1nvd1ubuntucve1nodejs1debiancve1cve1prion1github1