11 matches found
EUVD-2022-1359
Malicious code in bioql PyPI...
CVE-2022-24717
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...
CVE-2022-24718
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. While there is no known workaround at this time,...
GHSA-7F63-H6G3-7CWM Cross Site Scripting (XSS) in @finastra/ssr-pages
A cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. References - https://github.com/Finastra/ssr-pages/pull/2 -...
CVE-2022-24718
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. While there is no known workaround at this time,...
CVE-2022-24717
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...
CVE-2022-24718
CVE-2022-24718 affects the ssr-pages HTML page builder. A path traversal vulnerability exists when untrusted input is provided to the svg property as an argument to build(MessagePageOptions). The issue is present in versions prior to 0.1.4. A patch is available in version 0.1.4 (upgrade to 0.1.4 ...
CVE-2022-24718 Path Traversal in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. While there is no known workaround at this time,...
CVE-2022-24717
CVE-2022-24717 affects ssr-pages (HTML SSR tool). The vulnerability is a Cross-Site Scripting (XSS) issue triggered by untrusted input passed to redirect.link in the build(MessagePageOptions) function, in versions prior to 0.1.5. A patch exists in version 0.1.5. Connected documents confirm the is...
CVE-2022-24717 Cross Site Scripting (XSS) in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...
CVE-2022-24717 Cross Site Scripting (XSS) in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...