Lucene search
GoogleOSV:GHSA-GF8J-V8X5-H9QPHistoryJan 08, 2020 - 5:15 p.m.
XSS in enshrined/svg-sanitize due to mishandled script and data values in attributes
2020-01-0817:15:37
Google
osv.dev
5
0.001 Low
EPSS
Percentile
31.1%
enshrined/svg-sanitize before 0.12.0 mishandles script and data values in attributes, as demonstrated by unexpected whitespace such as in the javascript :alert substring.
Related
veracode
veracode
Cross-Site Scripting (XSS)
2019-11-12 01:33:26
prion
prion
Code injection
2019-11-11 15:15:00
osv
osv
CVE-2019-18857
2019-11-11 15:15:12
nvd
nvd
CVE-2019-18857
2019-11-11 15:15:12
github
github
cve
cve
CVE-2019-18857
2019-11-11 15:15:12
cvelist
cvelist
CVE-2019-18857
2019-11-11 14:34:59