3 matches found
CVE-2025-1467
creationtimestamp| type| source ---|---|--- 2025-02-23 16:21:07+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/5097 2025-02-23 17:38:06+00:00| seen| Telegram/HOWrDrRtJJhI0lxzVstaqEvpdh1Gh89a-PjhvLNEXtXBG3I 2025-02-23 19:23:10+00:00| seen| https://t.me/cvedetector/18750...
CVE-2025-1467
Versions of the package tarteaucitronjs before 1.17.0 are vulnerable to Cross-site Scripting XSS via the getElemWidth and getElemHeight. This is related to SNYK-JS-TARTEAUCITRONJS-8366541...
CVE-2025-1467
The CVE-2025-1467 entry concerns tarteaucitronjs versions before 1.17.0, which are vulnerable to Cross-site Scripting (XSS) via the getElemWidth() and getElemHeight() functions. Multiple sources (NVD, Red Hat, Veracode, OSV, CIRCL, GHSA) consistently describe the flaw as an XSS issue rooted in in...