Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.10 views

CVE-2026-30691

Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...

6.1CVSS5.9AI score0.00298EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/20 6:31 p.m.10 views

@cyntler/react-doc-viewer's TXTRenderer fails to sanitize file content and explicitly casts raw data as a ReactNode

Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...

6.1CVSS5.9AI score0.00298EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/05/20 6:16 p.m.19 views

CVE-2026-30691

Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...

6.1CVSS0.00298EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/20 12:0 a.m.40 views

CVE-2026-30691

Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...

0.00298EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/20 12:0 a.m.8 views

CVE-2026-30691

Cross-Site Scripting XSS vulnerability in @cyntler/react-doc-viewer v1.17.1 allows remote attackers to execute arbitrary JavaScript via a crafted .txt file. The TXTRenderer component fails to sanitize file content and explicitly casts raw data as a ReactNode...

6.1AI score0.00298EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.12 views

PT-2026-42214

Name of the Vulnerable Software and Affected Versions @cyntler/react-doc-viewer version 1.17.1 Description A Cross-Site Scripting XSS issue exists where remote attackers can execute arbitrary JavaScript by using a crafted .txt file. This occurs because the TXTRenderer component does not sanitize...

6.1CVSS6AI score0.00298EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.10 views

react-doc-viewer 跨站脚本漏洞

react-doc-viewer is a React documentation viewer component developed by Damian Cyntler. Version 1.17.1 of react-doc-viewer contains a cross-site scripting vulnerability. This vulnerability arises from the TXTRenderer component failing to clean up file content and explicitly converting raw data in...

6.1CVSS5.9AI score0.00298EPSS
Exploits0References1
Rows per page
Query Builder