Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-48345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sanitize-url aka @braintree/sanitize-url before 6.0.2 allows XSS via HTML entities. CVE-2022-48345 Note that Nessus relies on the presence of the package as...

6.1CVSS6.8AI score0.0056EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2023/05/05 3:18 p.m.26 views

Security Bulletin: Vulnerability in sanitize-url affects IBM Process Mining . CVE-2022-48345

Summary There is a vulnerability in sanitize-url that could allow a remote attacker to execute script in a victim's Web browser due to cross-site scripting. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability...

6.1CVSS6.3AI score0.0056EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2023/02/24 6:30 a.m.5 views

@0xgg/echomd (>=1.0.0 <=1.0.4), @adobe/parliament-ui-components (>=4.6.0 <=5.1.0) +743 more potentially affected by CVE-2022-48345 via @braintree/sanitize-url (>=1.0.0 <=6.0.0)

@braintree/sanitize-url NPM version =1.0.0, =1.0.0, =4.6.0, =2.6.1, =0.1.0, =0.0.18, =0.0.0-development, =6.8.0, =0.1.2, =2.2.2, =0.5.0, =3.23.0, =0.0.0-nightly-2020972106, =0.1.1-alpha.19, =0.1.1-alpha.21 and more Source cves: CVE-2022-48345 Source advisory: OSV:GHSA-Q8GG-VJ6M-HGMJ...

6.1CVSS6.5AI score0.0056EPSS
Exploits0
CVE
CVE
added 2023/02/24 12:0 a.m.102 views

CVE-2022-48345

CVE-2022-48345 affects sanitize-url (aka @braintree/sanitize-url) before 6.0.2, allowing XSS via HTML entities. Public references show fixes moving to 6.0.2+ (e.g., commit and release notes comparing 6.0.1 → 6.0.2). Remediation: upgrade to 6.0.2 or later.

6.1CVSS5.7AI score0.0056EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder