CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/02/05 10:49 p.m.•3 views

CVE-2022-1243

CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11...

7.2CVSS5.9AI score0.00333EPSS

Exploits1References1

Prion•added 2022/04/05 3:15 p.m.•9 views

Cross site scripting

CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11...

4.3CVSS6AI score0.00333EPSS

Exploits1References2Affected Software1

CVE•added 2022/04/05 3:5 p.m.•93 views

CVE-2022-1243

CVE-2022-1243 concerns the medialize/uri.js library. The issue, caused by CRHTLF, can lead to invalid protocol extraction and potential cross‑site scripting (XSS) when processing user‑supplied URLs in uri.js prior to version 1.19.11. The vulnerability affects medialize/uri.js used by projects suc...

7.2CVSS6.1AI score0.00333EPSS

Exploits1References2Affected Software1

CNNVD•added 2022/04/05 12:0 a.m.•1 views

Medialize URI.js 安全漏洞

Medialize URI.js is a Javascript-based code library from the Medialize team that can be used to efficiently splice URLs. A security vulnerability exists in Medialize URI.js versions prior to 1.19.11, which stems from CRHTLF resulting in invalid protocol extraction...

7.2CVSS6.8AI score0.00333EPSS

Exploits1References4

Positive Technologies•added 2022/04/05 12:0 a.m.•2 views

PT-2022-13743 · Medialize · Uri.Js

Name of the Vulnerable Software and Affected Versions: medialize/uri.js versions prior to 1.19.11 Description: The issue is related to CRHTLF, which can lead to invalid protocol extraction, potentially resulting in XSS. Specifically, characters such as r, , and t in user-input URLs can cause...

7.2CVSS6.4AI score0.00333EPSS

Exploits1References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by