3 matches found
GHSA-R4JG-5V89-9V62 Withdrawn: Octocat.js vulnerable to code injection
Withdrawn This advisory has been withdrawn because it is a test. Original Description Impact Users can include their own images for accessories via provided URLs. These URLs are not validated and can result in execution of injected code. Patches This vulnerability was fixed in version 1.2 of...
Withdrawn: Octocat.js vulnerable to code injection
Withdrawn This advisory has been withdrawn because it is a test. Original Description Impact Users can include their own images for accessories via provided URLs. These URLs are not validated and can result in execution of injected code. Patches This vulnerability was fixed in version 1.2 of...
PT-2022-24950 · Unknown · Octocat.Js
Name of the Vulnerable Software and Affected Versions: octocat.js versions prior to 1.2 Description: The issue concerns JavaScript injection via user-provided URLs. Users can include their own images for accessories via provided URLs, which are not validated, resulting in the potential execution ...