5 matches found
CVE-2024-32468
Deno is a runtime for JavaScript and TypeScript written in rust. Several cross-site scripting vulnerabilities existed in the denodoc crate which lead to Self-XSS with deno doc --html. 1. XSS in generated searchindex.js, denodoc outputs a JavaScript file for searching. However, the generated file...
CVE-2024-32468
Deno (Rust-based runtime) with deno_doc HTML generator vulnerabilities: XSS in generated search_index.js where innerHTML is used on unsanitized HTML, and XSS via un sanitized property, method, and enum names. This affects the deno_doc component and could enable Self-XSS when using deno doc --html...
CVE-2024-32468 Improper neutralization of input during web page generation ("Cross-site Scripting") in deno_doc HTML generator
Deno is a runtime for JavaScript and TypeScript written in rust. Several cross-site scripting vulnerabilities existed in the denodoc crate which lead to Self-XSS with deno doc --html. 1. XSS in generated searchindex.js, denodoc outputs a JavaScript file for searching. However, the generated file...
Deno 跨站脚本漏洞
Deno is a simple, modern and secure JavaScript and TypeScript runtime environment open-sourced by Deno. It uses V8 and is built with Rust. Deno suffers from a cross-site scripting vulnerability that stems from the denodoc package containing multiple cross-site scripting vulnerabilities...
PT-2024-24595 · Deno · Deno
Name of the Vulnerable Software and Affected Versions: Deno versions prior to 1.41.1 Description: The issue concerns several cross-site scripting vulnerabilities in the deno doc crate, leading to Self-XSS when using deno doc --html. Specifically, there are two vulnerabilities: 1. The generated...