Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2023/02/14 9:35 p.m.4 views

@adelosrios/plugin-dependencytrack (>=0.2.8 <=0.2.9), @apresti12/plugin-argocd-autopilot (=0.2.1) +184 more potentially affected by CVE-2023-25571 via @backstage/core-components (>=0.0.0-nightly-20220310022859 <=0.11.2)

@backstage/core-components NPM version =0.0.0-nightly-20220310022859, =0.2.8, =0.1.3, =0.0.0-nightly-2022122206, =0.0.0-nightly-2021533445, =0.0.0-nightly-20240929023448, =0.0.0-nightly-20230927021302, =0.0.0-nightly-20251125024456, =0.0.0-nightly-2021242250, =0.0.0-nightly-20231223021142,...

6.8CVSS6.5AI score0.00453EPSS
Exploits0
OSV
OSV
added 2023/02/14 5:0 p.m.28 views

CVE-2023-25571 Backstage has XSS Vulnerability in Software Catalog

Backstage is an open platform for building developer portals. @backstage/catalog-model prior to version 1.2.0, @backstage/core-components prior to 0.12.4, and @backstage/plugin-catalog-backend prior to 1.7.2 are affected by a cross-site scripting vulnerability. This vulnerability allows a malicio...

6.8CVSS5.5AI score0.00453EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/02/14 5:0 p.m.40 views

CVE-2023-25571 Backstage has XSS Vulnerability in Software Catalog

Backstage is an open platform for building developer portals. @backstage/catalog-model prior to version 1.2.0, @backstage/core-components prior to 0.12.4, and @backstage/plugin-catalog-backend prior to 1.7.2 are affected by a cross-site scripting vulnerability. This vulnerability allows a malicio...

6.8CVSS6.3AI score0.00453EPSS
Exploits0References2
CVE
CVE
added 2023/02/14 5:0 p.m.63 views

CVE-2023-25571

CVE-2023-25571 affects Backstage components: @backstage/catalog-model &lt;1.2.0, @backstage/core-components &lt;0.12.4, and @backstage/plugin-catalog-backend

6.8CVSS5.6AI score0.00453EPSS
Exploits0References2Affected Software3
Rows per page
Query Builder