13 matches found
EUVD-2023-0619
Malicious code in bioql PyPI...
CVE-2021-32859
The Baremetrics date range picker is a solution for selecting both date ranges and single dates from a single calendar view. Versions 1.0.14 and prior are prone to cross-site scripting (XSS) when handling untrusted placeholder entries. An attacker who is able to influence the field placeholder when...
vue2-baremetrics-calendar (>=0.1.0 <=1.6.1) potentially affected by CVE-2021-32859 via baremetrics-calendar (=1.0.14)
baremetrics-calendar NPM version =1.0.14 is affected by a known vulnerability. The following packages have a transitive dependency on baremetrics-calendar and may be impacted: - vue2-baremetrics-calendar =0.1.0, =1.6.1 Source cves: CVE-2021-32859 Source advisory: OSV:GHSA-465F-MXXH-GRC4...
Baremetrics date range picker vulnerable to Cross-site Scripting
The Baremetrics date range picker is a solution for selecting both date ranges and single dates from a single calendar view. Versions 1.0.14 and prior are prone to cross-site scripting (XSS) when handling untrusted placeholder entries. An attacker who is able to influence the field placeholder when...
GHSA-465F-MXXH-GRC4 Baremetrics date range picker vulnerable to Cross-site Scripting
The Baremetrics date range picker is a solution for selecting both date ranges and single dates from a single calendar view. Versions 1.0.14 and prior are prone to cross-site scripting (XSS) when handling untrusted placeholder entries. An attacker who is able to influence the field placeholder when...
CVE-2021-32859
The Baremetrics date range picker is a solution for selecting both date ranges and single dates from a single calendar view. Versions 1.0.14 and prior are prone to cross-site scripting (XSS) when handling untrusted placeholder entries. An attacker who is able to influence the field placeholder when...
CVE-2021-32859
The Baremetrics date range picker is a solution for selecting both date ranges and single dates from a single calendar view. Versions 1.0.14 and prior are prone to cross-site scripting (XSS) when handling untrusted placeholder entries. An attacker who is able to influence the field placeholder when...
Cross site scripting
The Baremetrics date range picker is a solution for selecting both date ranges and single dates from a single calendar view. Versions 1.0.14 and prior are prone to cross-site scripting (XSS) when handling untrusted placeholder entries. An attacker who is able to influence the field placeholder when...
Baremetrics calendar cross-site scripting vulnerability
Calendar is an open source date range selector from Baremetrics. A security vulnerability exists in Baremetrics calendar version 1.0.14 and earlier: it is vulnerable to cross-site scripting (XSS) attacks when handling untrusted entries, which can be exploited by an...
PT-2023-12191 · Baremetrics · Baremetrics Date Range Picker
Name of the Vulnerable Software and Affected Versions: Baremetrics date range picker versions 1.0.14 and prior Description: The issue is related to cross-site scripting (XSS) when handling untrusted placeholder entries. An attacker who can influence the placeholder field when creating a Calendar...
CVE-2021-32859 Baremetrics date range picker vulnerable to Cross-site Scripting
The Baremetrics date range picker is a solution for selecting both date ranges and single dates from a single calendar view. Versions 1.0.14 and prior are prone to cross-site scripting (XSS) when handling untrusted placeholder entries. An attacker who is able to influence the field placeholder when...
CVE-2021-32859
CVE-2021-32859 affects the Baremetrics date range picker (Calendar) up to version 1.0.14. The vulnerability arises from improper handling of untrusted placeholder values in Calendar.js, allowing an attacker to inject arbitrary HTML/JavaScript that renders in a user’s context (XSS). The connected ...
baremetrics.com XSS vulnerability
Open Bug Bounty ID: OBB-637310

Description | Value
---|---
Affected Website: | baremetrics.com
Open Bug Bounty Program: | Create your bounty program now. It's open and free.
Vulnerable Application: | hidden until disclosure
Vulnerability Type: | XSS (Cross Site Scripting) / CWE-79
CVSSv3 Score: | hidden...