Lucene search
K

7 matches found

vulnersOsv
vulnersOsv
added 2019/02/18 11:39 p.m.5 views

backbone-couch (>=0.4.0 <=0.5.4), backbone-stash (=0.0.4) +3 more potentially affected by CVE-2016-10537 via backbone (=0.3.3)

backbone NPM version =0.3.3 is affected by a known vulnerability. The following packages have a transitive dependency on backbone and may be impacted: - backbone-couch =0.4.0, =1.1.0, =0.4.0, =0.1.0, =1.0.0 Source cves: CVE-2016-10537 Source advisory: OSV:GHSA-J6P2-CX3W-6JCP...

5.4CVSS6.4AI score0.00686EPSS
Exploits0
NVD
NVD
added 2018/05/31 8:29 p.m.22 views

CVE-2016-10537

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...

5.4CVSS5.2AI score0.00686EPSS
Exploits0References2
OSV
OSV
added 2018/05/31 8:29 p.m.26 views

CVE-2016-10537

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...

5.4CVSS5.6AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/05/31 8:29 p.m.27 views

CVE-2016-10537

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...

5.4CVSS6.5AI score0.00686EPSS
Exploits0References3
CVE
CVE
added 2018/05/31 8:0 p.m.71 views

CVE-2016-10537

The CVE-2016-10537 entry concerns the Backbone.js backbone module (v0.3.3 and earlier) vulnerable to cross-site scripting via the Model#Escape function. The root cause is a regex that fails to encode HTML metacharacters (e.g.,

5.4CVSS5.4AI score0.00686EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/05/31 8:0 p.m.26 views

CVE-2016-10537

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...

5.2AI score0.00686EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2018/05/31 8:0 p.m.38 views

CVE-2016-10537

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...

5.4CVSS6.1AI score0.00686EPSS
Exploits0
Rows per page
Query Builder