Lucene search

K
prionPRIOn knowledge basePRION:CVE-2021-35440
HistoryJul 06, 2021 - 3:15 p.m.

Cross site scripting

2021-07-0615:15:00
PRIOn knowledge base
www.prio-n.com
1

0.001 Low

EPSS

Percentile

33.5%

Smashing 1.3.4 is vulnerable to Cross Site Scripting (XSS). A URL for a widget can be crafted and used to execute JavaScript on the victim’s computer. The JavaScript code can then steal data available in the session/cookies depending on the user environment (e.g. if re-using internal URL’s for deploying, or cookies that are very permissive) private information may be retrieved by the attacker.

CPENameOperatorVersion
smashingeq1.3.4

0.001 Low

EPSS

Percentile

33.5%

Related for PRION:CVE-2021-35440