Lucene search
+L

9 matches found

redhatcve
redhatcve
added 2025/02/05 2:56 p.m.9 views

CVE-2020-15092

In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON configuration file. Mos...

7.2CVSS5.7AI score0.0106EPSS
Exploits0
osv
osv
added 2020/07/09 7:15 p.m.22 views

CVE-2020-15092

In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON configuration file. Mos...

4.8CVSS4.8AI score
Exploits0References2
nvd
nvd
added 2020/07/09 7:15 p.m.28 views

CVE-2020-15092

In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON configuration file. Mos...

7.2CVSS0.0106EPSS
Exploits0References2
attackerkb
attackerkb
added 2020/07/09 7:15 p.m.2 views

CVE-2020-15092

In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON configuration file. Mos...

7.2CVSS6AI score0.0106EPSS
Exploits0References4Affected Software1
prion
prion
added 2020/07/09 7:15 p.m.17 views

Design/Logic Flaw

In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON configuration file. Mos...

3.5CVSS4.7AI score0.0106EPSS
Exploits0References2Affected Software1
osv
osv
added 2020/07/09 6:28 p.m.24 views

GHSA-2JPM-827P-J44G Stored XSS in TimelineJS3

Impact TimelineJS renders some user data as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON configuration file. Most TimelineJS users...

7.2CVSS5.4AI score0.0106EPSS
Exploits0References4
github
github
added 2020/07/09 6:28 p.m.45 views

Stored XSS in TimelineJS3

Impact TimelineJS renders some user data as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON configuration file. Most TimelineJS users...

7.2CVSS5AI score0.0106EPSS
Exploits0References5Affected Software1
cve
cve
added 2020/07/09 6:25 p.m.63 views

CVE-2020-15092

Vulnerability summary (CVE-2020-15092) : TimelineJS

7.2CVSS5.1AI score0.0106EPSS
Exploits0References2Affected Software1
wpvulndb
wpvulndb
added 2020/07/09 12:0 a.m.43 views

Knight Lab Timeline < 3.7.0.0 - Outdated TimelineJS library could Lead to Stored XSS

The plugin used the TimelineJS library 3.7.0 which is affected by a stored Cross-Site Scripting issues if an attacker has write privileges on the source data used for the timeline which is stored on Google Sheets or in a JSON configuration file...

3.5CVSS1.6AI score0.0106EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder