3 matches found
CVE-2020-29455
A cross-Site Scripting XSS vulnerability in this.showInvalid and this.showInvalidCountry in SmartyStreets liveAddressPlugin.js 3.2 allows remote attackers to inject arbitrary web script or HTML via any address parameter e.g., street or country...
CVE-2020-29455
A cross-Site Scripting XSS vulnerability in this.showInvalid and this.showInvalidCountry in SmartyStreets liveAddressPlugin.js 3.2 allows remote attackers to inject arbitrary web script or HTML via any address parameter e.g., street or country...
CVE-2020-29455
CVE-2020-29455 describes a cross-site scripting (XSS) vulnerability in SmartyStreets’ liveAddressPlugin.js 3.2, specifically in the functions this.showInvalid and this.showInvalidCountry. The issue allows remote attackers to inject arbitrary web script or HTML via any address parameter (e.g., str...