Lucene search
GoogleCVELIST:CVE-2023-3481HistoryAug 21, 2023 - 10:04 a.m.
CVE-2023-3481 XSS in Chrome Lab Critters
2023-08-2110:04:23
CWE-116
CWE-80
Google
www.cve.org
4
cve-2023-3481
chrome lab critters
html parsing
cross-site scripting
upgrade
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
26.5%
Critters versions 0.0.17-0.0.19 have an issue when parsing the HTML, which leads to a potential cross-site scripting (XSS) bug. We recommend upgrading to version 0.0.20 of the extension.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Critters",
"vendor": "Google Chrome Labs",
"versions": [
{
"lessThan": "0.0.19",
"status": "affected",
"version": "0.0.17",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2023-3481
2023-08-21 11:15:07
github
github
Critters Cross-site Scripting Vulnerability
2023-08-11 18:57:53
nvd
nvd
CVE-2023-3481
2023-08-21 11:15:07
prion
prion
Cross site scripting
2023-08-21 11:15:00
osv
osv
Critters Cross-site Scripting Vulnerability
2023-08-11 18:57:53
veracode
veracode
Cross-site Scripting (XSS)
2023-08-10 09:58:24
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
26.5%
Related for CVELIST:CVE-2023-3481