CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-0631

Malicious code in bioql PyPI...

5.4CVSS5.9AI score0.00799EPSS

Exploits1References7

Veracode•added 2023/02/14 3:19 a.m.•50 views

Cross-site Scripting (XSS)

react-admin is vulnerable to Cross-site Scripting XSS. The vulnerability exists because the dangerouslySetInnerHTML attribute in RichTextField.tsx does not sanitize on the client side. If the data isn't sanitized server-side, the RichTextField attribute allows an attacker to inject and execute...

5.4CVSS5.9AI score0.00799EPSS

Exploits1References7Affected Software2

Github Security Blog•added 2023/02/14 12:32 a.m.•32 views

Cross-Site-Scripting attack on `<RichTextField>`

Impact All React applications built with react-admin and using the are affected. outputs the field value using dangerouslySetInnerHTML without client-side sanitization. If the data isn't sanitized server-side, this opens a possible Cross-Site-Scripting XSS attack. Proof of concept: jsx import...

5.4CVSS5.8AI score0.00799EPSS

Exploits1References7Affected Software2

NVD•added 2023/02/13 9:15 p.m.•17 views

CVE-2023-25572

react-admin is a frontend framework for building browser applications on top of REST/GraphQL APIs. react-admin prior to versions 3.19.12 and 4.7.6, along with ra-ui-materialui prior to 3.19.12 and 4.7.6, are vulnerable to cross-site scripting. All React applications built with react-admin and usi...

5.4CVSS5.1AI score0.00799EPSS

Exploits1References5

Prion•added 2023/02/13 9:15 p.m.•14 views

Cross site scripting

4.9CVSS5.2AI score0.00799EPSS

Exploits1References5Affected Software2

Vulnrichment•added 2023/02/13 8:49 p.m.•6 views

CVE-2023-25572 React-Admin vulnerable to Cross-Site-Scripting attack on `<RichTextField>`

5.4CVSS5.3AI score0.00799EPSS

Exploits1References5

Cvelist•added 2023/02/13 8:49 p.m.•21 views

CVE-2023-25572 React-Admin vulnerable to Cross-Site-Scripting attack on `<RichTextField>`

5.4CVSS5.3AI score0.00799EPSS

Exploits1References5

CVE•added 2023/02/13 8:49 p.m.•57 views

CVE-2023-25572

CVE-2023-25572 concerns react-admin and related RA UI Material-UI before 3.19.12/4.7.6, where the RichTextField outputs HTML via dangerouslySetInnerHTML without client-side sanitization. If server-side data isn’t sanitized, this enables cross-site scripting (XSS) across React applications built w...

5.4CVSS5.3AI score0.00799EPSS

Exploits1References5Affected Software2

OSV•added 2023/02/13 8:49 p.m.•19 views

CVE-2023-25572 React-Admin vulnerable to Cross-Site-Scripting attack on `<RichTextField>`

5.4CVSS5.3AI score0.00799EPSS

Exploits1References7

Positive Technologies•added 2023/02/13 12:0 a.m.•2 views

PT-2023-20171 · Unknown · Ra-Ui-Materialui +1

Name of the Vulnerable Software and Affected Versions: react-admin versions prior to 3.19.12 and 4.7.6 ra-ui-materialui versions prior to 3.19.12 and 4.7.6 Description: The issue affects all React applications built with react-admin and using the . This component outputs the field value using...

5.4CVSS5.4AI score0.00799EPSS

Exploits1References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by