Lucene search
+L

8 matches found

osv
osv
added 2019/02/18 11:39 p.m.32 views

GHSA-J6P2-CX3W-6JCP Cross-Site Scripting in backbone

Affected versions of backbone are vulnerable to cross-site scripting when users are allowed to supply input to the ModelEscape function, and the output is then written to the DOM. The vulnerability occurs as a result of the regular expression used to encode metacharacters failing to take HTML...

5.4CVSS5.5AI score0.00686EPSS
Exploits0References7
osv
osv
added 2018/05/31 8:29 p.m.26 views

CVE-2016-10537

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...

5.4CVSS5.6AI score
Exploits0References2
osv
osv
added 2018/05/31 8:29 p.m.3 views

DEBIAN-CVE-2016-10537

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...

5.4CVSS5.4AI score0.00686EPSS
Exploits0References1
ubuntucve
ubuntucve
added 2018/05/31 8:29 p.m.27 views

CVE-2016-10537

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...

5.4CVSS6.5AI score0.00686EPSS
Exploits0References3
prion
prion
added 2018/05/31 8:29 p.m.24 views

Cross site scripting

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...

3.5CVSS6.3AI score0.00686EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2018/05/31 8:0 p.m.73 views

CVE-2016-10537

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...

5.4CVSS6.1AI score0.00686EPSS
Exploits0
cvelist
cvelist
added 2018/05/31 8:0 p.m.26 views

CVE-2016-10537

backbone is a module that adds in structure to a JavaScript heavy application through key-value pairs and custom events connecting to your RESTful API through JSON There exists a potential Cross Site Scripting vulnerability in the ModelEscape function of backbone 0.3.3 and earlier, if a user is...

5.2AI score0.00686EPSS
Exploits0References2
nodejs
nodejs
added 2016/05/05 9:21 p.m.34 views

Cross-Site Scripting

Overview Affected versions of backbone are vulnerable to cross-site scripting when users are allowed to supply input to the ModelEscape function, and the output is then written to the DOM. The vulnerability occurs as a result of the regular expression used to encode metacharacters failing to take...

3.5CVSS2.2AI score0.00686EPSS
Exploits0Affected Software1
Rows per page
Query Builder