Lucene search

Cross-site Scripting in lightning-server

🗓️ 10 May 2021 18:15:39Reported by GitHub Advisory DatabaseType

Cross-site Scripting in lightning-server. Injection of malicious JavaScrip

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Veracode	Cross-site Scripting (XSS)	21 Oct 202006:21	–	veracode
Cvelist	CVE-2020-7747 Cross-site Scripting (XSS)	20 Oct 202010:25	–	cvelist
Prion	Code injection	20 Oct 202011:15	–	prion
OSV	Cross-site Scripting in lightning-server	10 May 202118:39	–	osv
NVD	CVE-2020-7747	20 Oct 202011:15	–	nvd
CVE	CVE-2020-7747	20 Oct 202011:15	–	cve

Vulners

Node

lightning-serverRange≤1.3.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-7747
github	www.github.com/lightning-viz/lightning/blob/master/app/controllers/session.js%23L230
snyk	www.snyk.io/vuln/SNYK-JS-LIGHTNINGSERVER-1019381
github	www.github.com/advisories/GHSA-gmch-cm2p-9qw9

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 May 2021 18:39Current

6.3Medium risk

Vulners AI Score6.3

CVSS23.5

CVSS36.3

EPSS0.00437

CWE-79