6 matches found
EUVD-2022-5005
Malicious code in bioql PyPI...
CVE-2022-30241
The jquery.json-viewer library through 1.4.0 for Node.js does not properly escape characters such as in a JSON object, as demonstrated by a SCRIPT element...
GHSA-QP2Q-6H9J-JG2R Cross-site Scripting in jquery.json-viewer
The jquery.json-viewer library before version 1.5.0 for Node.js does not properly escape characters such as in a JSON object, as demonstrated by a SCRIPT element...
CVE-2022-30241
The jquery.json-viewer library through 1.4.0 for Node.js does not properly escape characters such as in a JSON object, as demonstrated by a SCRIPT element...
GHSA-V9WP-8R97-V6XG Cross-Site Scripting in jquery.json-viewer
Versions of jquery.json-viewer prior to 1.3.0 are vulnerable to Cross-Site Scripting XSS. The package insufficiently sanitizes user input when creating links, and concatenates the user input in an tag. This allows attackers to create malicious links with JSON payloads such as: "foo":...
Cross-Site Scripting
Overview Versions of jquery.json-viewer prior to 1.3.0 are vulnerable to Cross-Site Scripting XSS. The package insufficiently sanitizes user input when creating links, and concatenates the user input in an tag. This allows attackers to create malicious links with JSON payloads such as: "foo":...