Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2026/01/13 8:35 p.m.10 views

tarteaucitron.js has Regular Expression Denial of Service (ReDoS) vulnerability

Summary A potential Regular Expression Denial of Service ReDoS vulnerability was identified in tarteaucitron.js in the handling of the issuuid parameter. Details The issue was caused by the use of insufficiently constrained regular expressions applied to attacker-controlled input: if...

4.4CVSS7AI score0.00107EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2025/04/07 12:0 a.m.4 views

tarteaucitron.js 安全漏洞

tarteaucitron.js is a cookie manager for the Amauri CHAMPEAUX individual developer. A security vulnerability exists in tarteaucitron.js versions prior to 1.20.1, which stems from insufficient validation of inputs to the addOrUpdate function and could lead to prototype contamination...

6.6CVSS6.3AI score0.00322EPSS
Exploits0References2
OSV
OSV
added 2024/03/27 5:16 p.m.3 views

DRUPAL-CONTRIB-2024-016

This module enables sites to comply with the European cookie law using tarteaucitron.js. The module doesn't sufficiently filter user-supplied markup inside of content leading to a persistent Cross Site Scripting XSS vulnerability. More details are available in CVE-2023-3620. This vulnerability is...

5.4CVSS6.1AI score0.00215EPSS
Exploits0References1
OSV
OSV
added 2021/12/20 9:15 p.m.4 views

CVE-2021-36887

Cross-Site Request Forgery CSRF vulnerability leading to Cross-Site Scripting XSS discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin versions = 1.5.4, vulnerable parameters "tarteaucitronEmail" and "tarteaucitronPass"...

8.8CVSS5.8AI score0.00492EPSS
Exploits1References2
Rows per page
Query Builder