Lucene search
K

4 matches found

EUVD
EUVD
added 2026/02/25 4:4 p.m.4 views

EUVD-2026-8599

repostat: Reflected Cross-Site Scripting XSS via repo prop in RepoCard...

6.1CVSS5.2AI score0.00196EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/25 2:38 a.m.28 views

CVE-2026-27612 Repostat Vulnerable to Reflected Cross-Site Scripting (XSS) via repo prop in RepoCard

Repostat is a React component to fetch and display GitHub repository info. Prior to version 1.0.1, the RepoCard component is vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability occurs because the component uses React's dangerouslySetInnerHTML to render the repository name repo pro...

6.1CVSS0.00196EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/25 2:38 a.m.2 views

CVE-2026-27612 Repostat Vulnerable to Reflected Cross-Site Scripting (XSS) via repo prop in RepoCard

Repostat is a React component to fetch and display GitHub repository info. Prior to version 1.0.1, the RepoCard component is vulnerable to Reflected Cross-Site Scripting XSS. The vulnerability occurs because the component uses React's dangerouslySetInnerHTML to render the repository name repo pro...

6.1CVSS5.8AI score0.00196EPSS
Exploits1References2
CVE
CVE
added 2026/02/25 2:38 a.m.33 views

CVE-2026-27612

CVE-2026-27612 concerns the Repostat React component before version 1.0.1, where the repo prop is rendered with dangerouslySetInnerHTML during loading, allowing reflected XSS if unvalidated input is provided. The issue is fixed in 1.0.1 by switching to safe JSX data binding. The CVSSv3.1 base sco...

6.1CVSS5.8AI score0.00196EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder