CVE-2022-4735

A vulnerability classified as problematic was found in asrashley dash-live. This vulnerability affects the function ready of the file static/js/media.js of the component DOM Node Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch i...

CVE-2022-4735 asrashley dash-live DOM Node media.js ready cross site scripting

A vulnerability classified as problematic was found in asrashley dash-live. This vulnerability affects the function ready of the file static/js/media.js of the component DOM Node Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch i...

dash-live 跨站脚本漏洞

dash-live is a library by Alex Ashley, a personal developer. Fake DASH Live profile endpoints using static assets. A cross-site scripting vulnerability exists in dash-live, which stems from a ready function in the static/js/media.js file of its DOM Node Handler component that allows an attacker t...

PT-2022-28049 · Unknown · Asrashley Dash-Live

Name of the Vulnerable Software and Affected Versions: asrashley dash-live affected versions not specified Description: A problematic vulnerability was found in the function ready of the file static/js/media.js of the component DOM Node Handler. This issue leads to cross-site scripting and can be...

Use-After-Free

Thunderbird, Firefox ESR and Firefox are vulnerable to use-after-free vulnerability. A remote unauthenticated attacker could cause a system hang by exploiting the vulnerable component DOM Node Handler when script uses mutation events to append DOM nodes...