Lucene search
+L

5 matches found

vulnersOsv
vulnersOsv
added 2020/08/07 10:28 p.m.5 views

@blackbaud/skyux-lib-code-block (>=2.0.0-rc.2 <=4.0.0), @branchbob/aton (=0.1.5) +52 more potentially affected by CVE-2020-15138 via prismjs (=1.20.0)

prismjs NPM version =1.20.0 is affected by a known vulnerability. The following packages have a transitive dependency on prismjs and may be impacted: - @blackbaud/skyux-lib-code-block =2.0.0-rc.2, =0.1.0, =0.3.0, =0.1.0, =2.5.1-canary.2, =0.0.0-canary-0d962cfee89535eb8a5e91631f82f4b97dd6d1e6,...

7.5CVSS7.1AI score0.02041EPSS
Exploits0
NVD
NVD
added 2020/08/07 5:15 p.m.18 views

CVE-2020-15138

Prism is vulnerable to Cross-Site Scripting. The easing preview of the Previewers plugin has an XSS vulnerability that allows attackers to execute arbitrary code in Safari and Internet Explorer. This impacts all Safari and Internet Explorer users of Prism =v1.1.0 that use the Previewers plugin...

7.5CVSS7.3AI score0.02041EPSS
Exploits0References3
OSV
OSV
added 2020/08/07 5:15 p.m.7 views

CVE-2020-15138

Prism is vulnerable to Cross-Site Scripting. The easing preview of the Previewers plugin has an XSS vulnerability that allows attackers to execute arbitrary code in Safari and Internet Explorer. This impacts all Safari and Internet Explorer users of Prism =v1.1.0 that use the Previewers plugin...

7.5CVSS7.3AI score
Exploits0References3
Cvelist
Cvelist
added 2020/08/07 4:30 p.m.33 views

CVE-2020-15138 Cross-Site Scripting in Prism

Prism is vulnerable to Cross-Site Scripting. The easing preview of the Previewers plugin has an XSS vulnerability that allows attackers to execute arbitrary code in Safari and Internet Explorer. This impacts all Safari and Internet Explorer users of Prism =v1.1.0 that use the Previewers plugin...

7.1CVSS7.6AI score0.02041EPSS
Exploits0References3
CVE
CVE
added 2020/08/07 4:30 p.m.107 views

CVE-2020-15138

CVE-2020-15138: Prism.js contains an XSS via the Previewers/Easing previews in Prism &gt;=1.1.0 with Previewers plugin (&gt;=1.10.0) or Previewer: Easing (1.1.0–1.9.0). The issue is fixed in Prism 1.21.0. A workaround is to disable easing preview on impacted code blocks if upgrading is not feasib...

7.5CVSS7.2AI score0.02041EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder