7 matches found
EUVD-2018-0260
Malware in sbrugna...
CVE-2017-16010
i18next is a language translation framework. When using the .init method, passing interpolation options without passing an escapeValue will default to undefined rather than the assumed true. This can result in a cross-site scripting vulnerability because user input is assumed to be escaped, but i...
CVE-2017-16010
i18next is a language translation framework. When using the .init method, passing interpolation options without passing an escapeValue will default to undefined rather than the assumed true. This can result in a cross-site scripting vulnerability because user input is assumed to be escaped, but i...
Cross site scripting
i18next is a language translation framework. When using the .init method, passing interpolation options without passing an escapeValue will default to undefined rather than the assumed true. This can result in a cross-site scripting vulnerability because user input is assumed to be escaped, but i...
CVE-2017-16010
i18next is a language translation framework. When using the .init method, passing interpolation options without passing an escapeValue will default to undefined rather than the assumed true. This can result in a cross-site scripting vulnerability because user input is assumed to be escaped, but i...
CVE-2017-16010
Removed by vendor...
Cross-site Scripting (XSS)
i18next is vulnerable to cross-site scripting XSS attacks. When the .init method is called by passing interpolation options without passing an escapeValue, it set to undefined rather than true by default, not escaping user input...