4 matches found
Link Preload XSS bypass
Description Link preloads still do not effectively confirm if the requested link is external. This is a bypass to the fix for CVE-2022-4414. Root Cause The getPayloadURL function was adapted after the disclosure to use the browsers built in URL parser to properly check for a valid URL. This is a...
CVE-2022-4414 Cross-site Scripting (XSS) - DOM in nuxt/framework
Cross-site Scripting XSS - DOM in GitHub repository nuxt/framework prior to v3.0.0-rc.13...
CVE-2022-4414 Cross-site Scripting (XSS) - DOM in nuxt/framework
Cross-site Scripting XSS - DOM in GitHub repository nuxt/framework prior to v3.0.0-rc.13...
CVE-2022-4414 Cross-site Scripting (XSS) - DOM in nuxt/framework
Cross-site Scripting XSS - DOM in GitHub repository nuxt/framework prior to v3.0.0-rc.13...