Lucene search
GoogleOSV:CVE-2021-43785HistoryNov 26, 2021 - 7:15 p.m.
CVE-2021-43785
2021-11-2619:15:08
Google
osv.dev
2
@joeattardi/emoji-button is a Vanilla JavaScript emoji picker component. In affected versions there are two vectors for XSS attacks: a URL for a custom emoji, and an i18n string. In both of these cases, a value can be crafted such that it can insert a script tag into the page and execute malicious code.
Related
cve
cve
CVE-2021-43785
2021-11-26 19:15:08
cvelist
cvelist
veracode
veracode
Cross-site Scripting (XSS)
2021-11-29 16:45:01
osv
osv
Cross-Site Scripting Vulnerability in @joeattardi/emoji-button
2021-12-01 18:29:02
prion
prion
Code injection
2021-11-26 19:15:00
github
github
Cross-Site Scripting Vulnerability in @joeattardi/emoji-button
2021-12-01 18:29:02
cnvd
cnvd
Emoji-Button Cross-Site Scripting Vulnerability
2021-11-30 00:00:00
nvd
nvd
CVE-2021-43785
2021-11-26 19:15:08