7 matches found
CVE-2023-29003
SvelteKit is a web development framework. The SvelteKit framework offers developers an option to create simple REST APIs. This is done by defining a +server.js file, containing endpoint handlers for different HTTP methods. SvelteKit provides out-of-the-box cross-site request forgery CSRF protecti...
EUVD-2024-3369
Malicious code in bioql PyPI...
EUVD-2023-1208
Malicious code in bioql PyPI...
EUVD-2023-1314
Malicious code in bioql PyPI...
CVE-2024-53261 Cross-Site Scripting attack (XSS) on dev mode 404 page in SvelteKit
SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. "Unsanitized input from the request URL flows into end, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack XSS." The files...
CVE-2023-29008 SvelteKit framework has Insufficient CSRF protection for CORS requests
The SvelteKit framework offers developers an option to create simple REST APIs. This is done by defining a +server.js file, containing endpoint handlers for different HTTP methods. SvelteKit provides out-of-the-box cross-site request forgery CSRF protection to its users. The protection is...
CVE-2023-29003 SvelteKit has Insufficient Cross-Site Request Forgery Protection
SvelteKit is a web development framework. The SvelteKit framework offers developers an option to create simple REST APIs. This is done by defining a +server.js file, containing endpoint handlers for different HTTP methods. SvelteKit provides out-of-the-box cross-site request forgery CSRF protecti...