Lucene search
K

4 matches found

OSV
OSV
added 2020/09/03 6:18 p.m.6 views

GHSA-VMH4-322V-CFPC Cross-Site Scripting in cmmn-js-properties-panel

Versions of cmmn-js-properties-panel prior to 0.8.0 are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize input in specially configured diagrams, which may allow attackers to inject arbitrary JavaScript in the embedding website. Recommendation Upgrade to version 0.8.0 or later...

6.4AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2020/09/03 6:18 p.m.18 views

Cross-Site Scripting in cmmn-js-properties-panel

Versions of cmmn-js-properties-panel prior to 0.8.0 are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize input in specially configured diagrams, which may allow attackers to inject arbitrary JavaScript in the embedding website. Recommendation Upgrade to version 0.8.0 or later...

4.6AI score
Exploits0References2Affected Software1
Veracode
Veracode
added 2019/08/07 6:49 a.m.10 views

Cross-site Scripting (XSS)

cmmn-js-properties-panel is vulnerable to cross-site scripting XSS. The vulnerability exists through the lack of sanitization of HTML links...

0.7AI score
Exploits0
Node.js
Node.js
added 2019/07/17 9:38 p.m.16 views

Cross-Site Scripting

Overview Versions of cmmn-js-properties-panel prior to 0.8.0 are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize input in specially configured diagrams, which may allow attackers to inject arbitrary JavaScript in the embedding website. Recommendation Upgrade to version 0.8.0...

6.2AI score
Exploits0Affected Software1
Rows per page
Query Builder