Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-2743

Malicious code in bioql PyPI...

8.3CVSS6.4AI score0.00515EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/02/05 8:23 a.m.17 views

CVE-2024-47061

Plate is a javascript toolkit that makes it easier for you to develop with Slate, a popular framework for building text editors. One longstanding feature of Plate is the ability to add custom DOM attributes to any element or leaf using the attributes property. These attributes are passed to the...

8.3CVSS7.7AI score0.00515EPSS
Exploits0References1
Veracode
Veracode
added 2024/09/25 7:35 a.m.15 views

Cross-site Scripting (XSS)

@udecode/plate-core is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper handling of custom DOM attributes passed through the attributes property, allowing attackers to inject malicious code via attributes like href and src, or to expose users' IP addresses by causing...

8.3CVSS6.9AI score0.00515EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/09/20 7:15 p.m.20 views

CVE-2024-47061

Plate is a javascript toolkit that makes it easier for you to develop with Slate, a popular framework for building text editors. One longstanding feature of Plate is the ability to add custom DOM attributes to any element or leaf using the attributes property. These attributes are passed to the...

8.3CVSS0.00515EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/09/20 7:4 p.m.16 views

CVE-2024-47061 Arbitrary DOM attributes in element.attributes and leaf.attributes in Platejs

Plate is a javascript toolkit that makes it easier for you to develop with Slate, a popular framework for building text editors. One longstanding feature of Plate is the ability to add custom DOM attributes to any element or leaf using the attributes property. These attributes are passed to the...

8.3CVSS5.9AI score0.00515EPSS
Exploits0References3
CVE
CVE
added 2024/09/20 7:4 p.m.74 views

CVE-2024-47061

The CVE-2024-47061 issue affects Plate editors using @udecode/plate-core, where arbitrary DOM attributes can be injected via nodeProps (often from the attributes property), enabling cross-site scripting (XSS) and potential information exposure (e.g., user IPs and whether a malicious document is o...

8.3CVSS7.8AI score0.00515EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/09/20 2:41 p.m.24 views

Plate allows arbitrary DOM attributes in element.attributes and leaf.attributes

Impact One longstanding feature of Plate is the ability to add custom DOM attributes to any element or leaf using the attributes property. These attributes are passed to the node component using the nodeProps prop. Note: The attributes prop that is typically rendered alongside nodeProps is...

8.3CVSS5.2AI score0.00515EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder