7 matches found
@brbb/bot-farm-ts (>=0.0.1 <=0.0.3), @phantasia/blockchain-interface (>=3.6.10 <=5.0.0) +3 more potentially affected by CVE-2024-30253 via @solana/web3.js (>=1.47.2 <=1.47.3)
@solana/web3.js NPM version =1.47.2, =0.0.1, =3.6.10, =1.13.2, =1.0.0, =0.3.53, =0.3.54 Source cves: CVE-2024-30253 Source advisory: OSV:GHSA-8M45-2RJM-J347...
CVE-2021-46372
Scoold 1.47.2 is a Q&A/knowledge base platform written in Java. When writing a Q&A, the markdown editor is vulnerable to an XSS attack when using uppercase letters...
CVE-2021-46372
Scoold 1.47.2 is a Q&A/knowledge base platform written in Java. When writing a Q&A, the markdown editor is vulnerable to an XSS attack when using uppercase letters...
Design/Logic Flaw
Scoold 1.47.2 is a Q&A/knowledge base platform written in Java. When writing a Q&A, the markdown editor is vulnerable to an XSS attack when using uppercase letters...
CVE-2021-46372
CVE-2021-46372 affects Scoold 1.47.2 (Java-based Q&A/KBA). The markdown editor is vulnerable to an XSS attack when uppercase letters are used in a Q&A. NVD/OSV entries describe a Medium severity (CVSS 3.1 base score 5.4) with network attack vector and user interaction required. The provided docum...
CVE-2021-46372
Scoold 1.47.2 is a Q&A/knowledge base platform written in Java. When writing a Q&A, the markdown editor is vulnerable to an XSS attack when using uppercase letters...
Erudika Scoold Cross-Site Scripting Vulnerability
Erudika Scoold is an open source Q&A/knowledge base platform written in Java by Erudika Bulgaria. A security vulnerability exists in Scoold 1.47.2, which stems from the markdown editor being susceptible to an XSS attack if capitalization is used when writing a Q&A...