5 matches found
CVE-2019-14772
verdaccio before 3.12.0 allows XSS...
CVE-2019-14772
verdaccio before 3.12.0 allows XSS...
CVE-2019-14772
verdaccio before 3.12.0 allows XSS...
CVE-2019-14772
Verdaccio (npm private registry) before version 3.12.0 is vulnerable to Cross-Site Scripting (XSS) due to insufficient validation of client-side data by the web application. The issue affects Verdaccio instances running 3.12.0 or migrating to major version >=4.0.0 to fix the vulnerability. No ...
CVE-2019-14772
verdaccio before 3.12.0 allows XSS...