21 matches found
EUVD-2022-1359
Malicious code in bioql PyPI...
CVE-2022-24717
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...
CVE-2022-24718
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. While there is no known workaround at this time,...
Ssr Pages path traversal vulnerability
Ssr Pages is an Html page builder for Ssr server-side rendering. a path traversal vulnerability exists in Ssr Pages, which stems from a path traversal issue that can occur when untrusted input is provided to the svg attribute as an argument to the buildMessagePageOptions function, which can be...
Ssr Pages Cross-Site Scripting Vulnerability
Ssr Pages is an Html page builder for Ssr server-side rendering. Ssr Pages suffers from a cross-site scripting vulnerability that can be exploited by an attacker to provide untrusted input to a redirect, resulting in cross-site scripting...
GHSA-7F63-H6G3-7CWM Cross Site Scripting (XSS) in @finastra/ssr-pages
A cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. References - https://github.com/Finastra/ssr-pages/pull/2 -...
feling87-nodejs-libs (>=0.0.1 <=0.0.3) potentially affected by CVE-2022-24717 via @finastra/ssr-pages (=0.1.3)
@finastra/ssr-pages NPM version =0.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on @finastra/ssr-pages and may be impacted: - feling87-nodejs-libs =0.0.1, =0.0.3 Source cves: CVE-2022-24717 Source advisory: OSV:GHSA-7F63-H6G3-7CWM...
Path Traversal in @finastra/ssr-pages
A path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. References - https://github.com/Finastra/ssr-pages/pull/1 - https://github.com/Finastra/ssr-pages/pull/1/commits/c3e4c563384ae3ba3892f37dd190218577620780...
GHSA-W6CX-QG2Q-RVQ8 Path Traversal in @finastra/ssr-pages
A path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. References - https://github.com/Finastra/ssr-pages/pull/1 - https://github.com/Finastra/ssr-pages/pull/1/commits/c3e4c563384ae3ba3892f37dd190218577620780...
feling87-nodejs-libs (>=0.0.1 <=0.0.3) potentially affected by CVE-2022-24718 via @finastra/ssr-pages (=0.1.3)
@finastra/ssr-pages NPM version =0.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on @finastra/ssr-pages and may be impacted: - feling87-nodejs-libs =0.0.1, =0.0.3 Source cves: CVE-2022-24718 Source advisory: OSV:GHSA-W6CX-QG2Q-RVQ8...
CVE-2022-24717
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...
CVE-2022-24718
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. While there is no known workaround at this time,...
CVE-2022-24718 Path Traversal in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. While there is no known workaround at this time,...
CVE-2022-24718 Path Traversal in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. While there is no known workaround at this time,...
CVE-2022-24718 Path Traversal in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. While there is no known workaround at this time,...
CVE-2022-24718
CVE-2022-24718 affects the ssr-pages HTML page builder. A path traversal vulnerability exists when untrusted input is provided to the svg property as an argument to build(MessagePageOptions). The issue is present in versions prior to 0.1.4. A patch is available in version 0.1.4 (upgrade to 0.1.4 ...
CVE-2022-24717 Cross Site Scripting (XSS) in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...
CVE-2022-24717 Cross Site Scripting (XSS) in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...
CVE-2022-24717
CVE-2022-24717 affects ssr-pages (HTML SSR tool). The vulnerability is a Cross-Site Scripting (XSS) issue triggered by untrusted input passed to redirect.link in the build(MessagePageOptions) function, in versions prior to 0.1.5. A patch exists in version 0.1.5. Connected documents confirm the is...
CVE-2022-24717 Cross Site Scripting (XSS) in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.5, a cross site scripting XSS issue can occur when providing untrusted input to the redirect.link property as an argument to the buildMessagePageOptions function. While there is no known...