Lucene search
PRIOn knowledge basePRION:CVE-2023-23630HistoryFeb 01, 2023 - 1:15 a.m.
Design/Logic Flaw
2023-02-0101:15:00
PRIOn knowledge base
www.prio-n.com
2
embedded js
node
deno
xss attack
express api
version 2.0.0
res.render
nvd
0.001 Low
EPSS
Percentile
27.3%
Eta is an embedded JS templating engine that works inside Node, Deno, and the browser. XSS attack - anyone using the Express API is impacted. The problem has been resolved. Users should upgrade to version 2.0.0. As a workaround, don’t pass user supplied things directly to res.render.
Related
osv
osv
CVE-2023-23630
2023-02-01 01:15:08
XSS Attack with Express API
2023-01-31 22:39:40
cve
cve
CVE-2023-23630
2023-02-01 01:15:08
nvd
nvd
CVE-2023-23630
2023-02-01 01:15:08
veracode
veracode
Cross-site Scripting (XSS)
2023-02-06 06:25:15
github
github
XSS Attack with Express API
2023-01-31 22:39:40
cvelist
cvelist
CVE-2023-23630 Cross-site (XSS) vulnerability with Express API in Eta
2023-02-01 00:38:29