3 matches found
CVE-2023-25571
Backstage is an open platform for building developer portals. @backstage/catalog-model prior to version 1.2.0, @backstage/core-components prior to 0.12.4, and @backstage/plugin-catalog-backend prior to 1.7.2 are affected by a cross-site scripting vulnerability. This vulnerability allows a malicio...
@backstage/backend-app-api (>=0.0.0-nightly-20220923030237 <=0.0.0-nightly-20260510031943), @backstage/backend-common (>=0.0.0-nightly-20230104022659 <=0.0.0-nightly-20240917021806) +289 more potentially affected by CVE-2023-25571 via @backstage/catalog-model (>=0.0.0-nightly-20220708025041 <=1.1.5)
@backstage/catalog-model NPM version =0.0.0-nightly-20220708025041, =0.0.0-nightly-20220923030237, =0.0.0-nightly-20230104022659, =0.0.0-nightly-20220923030237, =0.0.0-nightly-20240116021644, =0.0.0-nightly-20231025021459, =0.0.0-nightly-20220923030237, =0.0.0-nightly-2022042277,...
backstage 跨站脚本漏洞
backstage is an application. Backstage is an open platform for building developer portals. A security vulnerability exists in backstage catalog-model prior to 1.2.0, backstage core-components prior to 0.12.4, and backstage plugin-catalog-backend prior to 1.7.2 that originates from a vulnerability...