Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2017/10/24 6:33 p.m.9 views

37fis (>=1.0.0 <=1.0.2), @axerunners/p2pool-scanner (=0.0.2) +717 more potentially affected by CVE-2015-8856 via serve-index (>=1.0.0 <=1.6.2)

serve-index NPM version =1.0.0, =1.0.0, =1.0.1, =1.0.37, =0.0.1, =0.13.7, =1.0.4, =1.0.1, =1.0.0, =0.2.0, =1.0.3, =1.0.4, =1.0.13 and more Source cves: CVE-2015-8856 Source advisory: OSV:GHSA-V633-X5VV-HQWC...

6.1CVSS6.8AI score0.02477EPSS
Exploits0
NVD
NVD
added 2017/01/23 9:59 p.m.27 views

CVE-2015-8856

Cross-site scripting XSS vulnerability in the serve-index package before 1.6.3 for Node.js allows remote attackers to inject arbitrary web script or HTML via a crafted file or directory name...

6.1CVSS6AI score0.02477EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2017/01/23 9:59 p.m.21 views

CVE-2015-8856

Cross-site scripting XSS vulnerability in the serve-index package before 1.6.3 for Node.js allows remote attackers to inject arbitrary web script or HTML via a crafted file or directory name...

6.1CVSS7AI score0.02477EPSS
Exploits0References3
CVE
CVE
added 2017/01/23 9:0 p.m.70 views

CVE-2015-8856

CVE-2015-8856 affects the serve-index package for Node.js prior to 1.6.3, where file or directory names could be crafted to trigger cross-site scripting. The vulnerability allows remote injection of arbitrary scripts/HTML via such names. A fix is available in version 1.6.3 and later. The availabl...

6.1CVSS5.6AI score0.02477EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2017/01/23 9:0 p.m.31 views

CVE-2015-8856

Cross-site scripting XSS vulnerability in the serve-index package before 1.6.3 for Node.js allows remote attackers to inject arbitrary web script or HTML via a crafted file or directory name...

6.1CVSS6.4AI score0.02477EPSS
Exploits0
Rows per page
Query Builder