Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2022/09/19 12:0 a.m.10 views

org.webjars.npm:nuxtjs__vuetify (=0.4.2) potentially affected by CVE-2022-25873 via org.webjars.npm:vuetify (=2.0.0-beta.9)

org.webjars.npm:vuetify MAVEN version =2.0.0-beta.9 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:vuetify and may be impacted: - org.webjars.npm:nuxtjsvuetify =0.4.2 Source cves: CVE-2022-25873 Source advisory: OSV:GHSA-Q4Q5-C5CV-2P68...

5.4CVSS6AI score0.0066EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/09/19 12:0 a.m.5 views

@appsocially/timepassport (>=0.1.2-0.1 <=0.1.29), @becompliancebr/shared-components (>=1.0.0 <=1.10.0) +73 more potentially affected by CVE-2022-25873 via vuetify (>=2.0.0 <=2.6.1)

vuetify NPM version =2.0.0, =0.1.2-0.1, =1.0.0, =1.2.5, =5.0.1-beta.0, =0.0.128, =0.0.101-beta.22, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.1.0, =0.1.1 - @een/cm-timeline-sdk =0.1.8 and more Source cves: CVE-2022-25873 Source advisory: OSV:GHSA-Q4Q5-C5CV-2P68...

5.4CVSS6AI score0.0066EPSS
Exploits1
Cvelist
Cvelist
added 2022/09/18 2:55 p.m.27 views

CVE-2022-25873 Cross-site Scripting (XSS)

The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...

4.6CVSS5.5AI score0.0066EPSS
Exploits1References6
CVE
CVE
added 2022/09/18 2:55 p.m.112 views

CVE-2022-25873

CVE-2022-25873 affects vuetify's VCalendar component: XSS due to improper input sanitization in the eventName function. Affected versions are 2.0.0-beta.4 through 2.6.10. Root cause: inadequate sanitization enabling script injection. Impact: cross-site scripting risks in applications using these ...

5.4CVSS4.8AI score0.0066EPSS
Exploits1References6Affected Software1
vulnersOsv
vulnersOsv
added 2022/09/09 11:53 a.m.5 views

@appsocially/timepassport (>=0.1.2-0.1 <=0.1.29), @becompliancebr/shared-components (>=1.0.0 <=1.10.0) +73 more potentially affected by CVE-2022-25873 via vuetify (>=2.0.0 <=2.6.1)

vuetify NPM version =2.0.0, =0.1.2-0.1, =1.0.0, =1.2.5, =5.0.1-beta.0, =0.0.128, =0.0.101-beta.22, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.1.0, =0.1.1 - @een/cm-timeline-sdk =0.1.8 and more Source cves: CVE-2022-25873 Source advisory: SNYK:JS-VUETIFY-3019858...

5.4CVSS6AI score0.0066EPSS
Exploits1
Rows per page
Query Builder