CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-0627

Malware in sbrugna...

6.1CVSS6.2AI score0.00223EPSS

Exploits0References5

RedhatCVE•added 2025/05/22 8:6 a.m.•4 views

CVE-2019-15482

selectize-plugin-a11y before 1.1.0 has XSS via the msg field...

6.1CVSS5.8AI score0.00223EPSS

Exploits0References1

Node.js•added 2019/09/04 6:50 p.m.•20 views

Cross-Site Scripting

Overview Versions of selectize-plugin-a11y prior to 1.1.0 are vulnerable to Cross-Site Scripting. The accessibility.liveRegion.speak function does not sanitize the msg variable before rendering it as HTML. If this variable is controlled by user input it allows attackers to execute arbitrary...

4.3CVSS4.4AI score0.00223EPSS

Exploits0Affected Software1

Github Security Blog•added 2019/08/27 5:38 p.m.•22 views

Cross-Site Scripting in selectize-plugin-a11y

Versions of selectize-plugin-a11y prior to 1.1.0 are vulnerable to Cross-Site Scripting. The accessibility.liveRegion.speak function does not sanitize the msg variable before rendering it as HTML. If this variable is controlled by user input it allows attackers to execute arbitrary JavaScript in ...

6.1CVSS4.4AI score0.00223EPSS

Exploits0References5Affected Software1

OSV•added 2019/08/27 5:38 p.m.•16 views

GHSA-8CPW-73F2-W58M Cross-Site Scripting in selectize-plugin-a11y

6.1CVSS6.4AI score0.00223EPSS

Exploits0References4

CNVD•added 2019/08/27 12:0 a.m.•1 views

selectize-plugin-a11y cross-site scripting vulnerability

selectize-plugin-a11y is a plugin that sets the Selectize.js accessibile to Combobox. A cross-site scripting vulnerability exists in selectize-plugin-a11y versions prior to 1.1.0, which can be exploited by an attacker to execute client-side code...

6.1CVSS6.4AI score0.00223EPSS

Exploits0References1

Veracode•added 2019/08/26 2:47 a.m.•14 views

Cross-site Scripting (XSS)

selectize-plugin-a11y is vulnerable to cross-site scripting XSS. The vulnerability exists due to improper handling of the msg field which allows a malicious user to inject and execute arbitrary Javascript through it...

6.1CVSS1.4AI score0.00223EPSS

Exploits0References3Affected Software1

NVD•added 2019/08/23 1:15 p.m.•12 views

CVE-2019-15482

selectize-plugin-a11y before 1.1.0 has XSS via the msg field...

6.1CVSS6AI score0.00223EPSS

Exploits0References2

OSV•added 2019/08/23 1:15 p.m.•1 views

CVE-2019-15482

selectize-plugin-a11y before 1.1.0 has XSS via the msg field...

6.1CVSS6.3AI score0.00223EPSS

Exploits0References2

Prion•added 2019/08/23 1:15 p.m.•10 views

Design/Logic Flaw

selectize-plugin-a11y before 1.1.0 has XSS via the msg field...

4.3CVSS5.9AI score0.00223EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/08/23 12:51 p.m.•12 views

CVE-2019-15482

selectize-plugin-a11y before 1.1.0 has XSS via the msg field...

6AI score0.00223EPSS

Exploits0References2

CVE•added 2019/08/23 12:51 p.m.•46 views

CVE-2019-15482

The CVE-2019-15482 entry concerns the package selectize-plugin-a11y prior to version 1.1.0, where a Cross-Site Scripting (XSS) vulnerability exists in the msg field. The root cause, as described in the Node.js advisory, is that the accessibility.liveRegion.speak function does not sanitize the msg...

6.1CVSS5.9AI score0.00223EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by