Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

I18next Node Module Security Vulnerabilities

cve
cve

CVE-2017-16008

i18next is a language translation framework. Because of how the interpolation is implemented, making replacements from the dictionary one at a time, untrusted user input can use the name of one of the dictionary keys to inject script into the browser. This affects i18next...

6.1CVSS

6.1AI Score

0.001EPSS

2018-06-04 07:29 PM
31
cve
cve

CVE-2017-16010

i18next is a language translation framework. When using the .init method, passing interpolation options without passing an escapeValue will default to undefined rather than the assumed true. This can result in a cross-site scripting vulnerability because user input is assumed to be escaped, but is....

6.1CVSS

5.8AI Score

0.001EPSS

2018-05-29 08:29 PM
29