2 matches found
@esfaenza/core (>=15.2.16 <=19.2.114), @naxxfish/whereis (=0.0.1) +15 more potentially affected by CVE-2021-43862 via jquery.terminal (>=0.10.12 <=2.23.2)
jquery.terminal NPM version =0.10.12, =15.2.16, =0.0.1, =0.1.3, =2.0.0, =3.3.2, =0.0.3, =1.0.4, =0.1.0, =1.0.0, =1.0.2, =0.0.1, =0.0.10 and more Source cves: CVE-2021-43862 Source advisory: OSV:GHSA-X9R5-JXVQ-4387...
CVE-2021-43862 Self XSS on user input
jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications. Versions prior to 2.31.1 contain a low impact and limited cross-site scripting XSS vulnerability. The code for XSS payload is always visible, but an attacker can use other techniques to hide the code...