3 matches found
CVE-2025-31475
tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js prior to 1.20.1, where the addOrUpdate function, used for applying custom texts, did not properly validate input. This allowed an attacker with direct access to the site's source code ...
CVE-2025-31475
CVE-2025-31475 affects tarteaucitron.js (prior to 1.20.1). The addOrUpdate function did not properly validate inputs, allowing an attacker with access to source or CMS plugins to perform prototype pollution, potentially modifying core JavaScript behavior, causing data corruption, crashes, or unin...
CVE-2025-31475 tarteaucitron.js allows prototype pollution via custom text injection
tarteaucitron.js is a compliant and accessible cookie banner. A vulnerability was identified in tarteaucitron.js prior to 1.20.1, where the addOrUpdate function, used for applying custom texts, did not properly validate input. This allowed an attacker with direct access to the site's source code ...