Lucene search
K

11 matches found

SUSE CVE
SUSE CVE
added 2023/10/31 2:26 a.m.3 views

SUSE CVE-2021-23648

The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting XSS due to improper sanitization in sanitizeUrl function...

6.1CVSS8AI score0.01423EPSS
Exploits1References2
Veracode
Veracode
added 2023/03/01 2:54 a.m.23 views

Cross-site Scripting (XSS)

@braintree/sanitize-url is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the decodeHtmlCharacters function in index.ts does not properly sanitize html encoded colons in the urlSchemeRegex parameter, which allows an attacker to inject and execute malicious JavaScript by...

6.1CVSS5.9AI score0.0056EPSS
Exploits0References4Affected Software2
vulnersOsv
vulnersOsv
added 2023/02/24 6:30 a.m.5 views

@0xgg/echomd (>=1.0.0 <=1.0.4), @adobe/parliament-ui-components (>=4.6.0 <=5.1.0) +743 more potentially affected by CVE-2022-48345 via @braintree/sanitize-url (>=1.0.0 <=6.0.0)

@braintree/sanitize-url NPM version =1.0.0, =1.0.0, =4.6.0, =2.6.1, =0.1.0, =0.0.18, =0.0.0-development, =6.8.0, =0.1.2, =2.2.2, =0.5.0, =3.23.0, =0.0.0-nightly-2020972106, =0.1.1-alpha.19, =0.1.1-alpha.21 and more Source cves: CVE-2022-48345 Source advisory: OSV:GHSA-Q8GG-VJ6M-HGMJ...

6.1CVSS6.5AI score0.0056EPSS
Exploits0
CNNVD
CNNVD
added 2023/02/24 12:0 a.m.4 views

Braintree sanitize-url 跨站脚本漏洞

Braintree sanitize-url is an open source URL cleanup from Braintree USA. A security vulnerability exists in Braintree sanitize-url prior to version 6.0.2, which stems from allowing XSS attacks via HTML entities...

6.1CVSS7AI score0.0056EPSS
Exploits0References3
OSV
OSV
added 2022/03/17 12:0 a.m.26 views

GHSA-HQQ7-2Q2V-82XQ Cross-site Scripting in sanitize-url

The package @braintree/sanitize-url before 6.0.0 is vulnerable to Cross-site Scripting XSS due to improper sanitization in the sanitizeUrl function...

5.4CVSS6.7AI score0.01423EPSS
Exploits1References9
vulnersOsv
vulnersOsv
added 2022/03/17 12:0 a.m.3 views

@0xgg/echomd (>=1.0.0 <=1.0.4), @adobe/parliament-ui-components (>=4.6.0 <=5.1.0) +718 more potentially affected by CVE-2021-23648 via @braintree/sanitize-url (>=1.0.0 <=5.0.2)

@braintree/sanitize-url NPM version =1.0.0, =1.0.0, =4.6.0, =2.6.1, =0.1.0, =0.0.18, =6.8.0, =0.1.2, =2.2.2, =0.5.0, =3.23.0, =0.0.0-nightly-2020972106, =0.1.1-alpha.19, =0.1.0, =0.1.0-integrate-flowzone-f2df00320763c10337790c7657713f782ca7a948 and more Source cves: CVE-2021-23648 Source advisory...

6.1CVSS6.6AI score0.01423EPSS
Exploits1
OSV
OSV
added 2022/03/16 4:15 p.m.21 views

CVE-2021-23648

The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting XSS due to improper sanitization in sanitizeUrl function...

6.1CVSS6AI score
Exploits0References7
OSV
OSV
added 2022/03/16 4:15 p.m.1 views

DEBIAN-CVE-2021-23648

The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting XSS due to improper sanitization in sanitizeUrl function...

6.1CVSS6.2AI score0.01423EPSS
Exploits1References1
Prion
Prion
added 2022/03/16 4:15 p.m.22 views

Cross site scripting

The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting XSS due to improper sanitization in sanitizeUrl function...

4.3CVSS6.6AI score0.01423EPSS
Exploits1References7Affected Software2
CNNVD
CNNVD
added 2022/03/16 12:0 a.m.5 views

Braintree sanitize-url 跨站脚本漏洞

Braintree sanitize-url is an open source URL cleanup from Braintree, Inc. A cross-site scripting vulnerability exists in versions prior to Braintree sanitize-url 6.0.0, which stems from a lack of user-supplied data and output data validation filtering in the sanitizeUrl function. An attacker coul...

6.1CVSS7.3AI score0.01423EPSS
Exploits1References13
Snyk
Snyk
added 2022/01/13 4:13 p.m.3 views

Cross-site Scripting (XSS)

Overview @braintree/sanitize-url is an A url sanitizer Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper sanitization in sanitizeUrl function. PoC: js const sanitizeUrl = require"@braintree/sanitize-url".sanitizeUrl forconst vector of...

6.1CVSS5.2AI score0.01423EPSS
Exploits1References2
Rows per page
Query Builder