Lucene search
+L

5 matches found

vulnersOsv
vulnersOsv
added 2021/09/22 8:36 p.m.3 views

@adonisjs/framework (>=4.0.0 <=5.0.13), @adonisjs/view (>=1.0.0 <=5.0.2) +54 more potentially affected by CVE-2021-23443 via edge.js (>=1.1.4 <=4.0.4)

edge.js NPM version =1.1.4, =4.0.0, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.0.1, =0.0.45, =1.8.1, =1.0.0, =1.0.0, =2.0.36, =2.0.37, =2.1.3 and more Source cves: CVE-2021-23443 Source advisory: OSV:GHSA-55R9-7MF8-M382...

6.1CVSS6.3AI score0.00906EPSS
Exploits1
OSV
OSV
added 2021/09/21 5:15 p.m.9 views

CVE-2021-23443

This affects the package edge.js before 5.3.2. A type confusion vulnerability can be used to bypass input sanitization when the input to be rendered is an array instead of a string or a SafeValue, even if are used...

6.1CVSS6.7AI score
Exploits0References2
CVE
CVE
added 2021/09/21 4:50 p.m.52 views

CVE-2021-23443

The CVE-2021-23443 entry applies to edge.js prior to version 5.3.2, where a type confusion vulnerability can bypass input sanitization when the rendered input is an array (not a string or SafeValue), even with {{ }} usage. Affected component: edge.js template engine. Impact: cross-site scripting ...

6.1CVSS5.8AI score0.00906EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/09/21 4:50 p.m.24 views

CVE-2021-23443 Cross-site Scripting (XSS)

This affects the package edge.js before 5.3.2. A type confusion vulnerability can be used to bypass input sanitization when the input to be rendered is an array instead of a string or a SafeValue, even if are used...

5.4CVSS6.4AI score0.00906EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2021/09/21 4:49 p.m.2 views

CVE-2021-23443

This affects the package edge.js before 5.3.2. A type confusion vulnerability can be used to bypass input sanitization when the input to be rendered is an array instead of a string or a SafeValue, even if are used...

6.1CVSS5.4AI score0.00906EPSS
Exploits1References3
Rows per page
Query Builder