Lucene search
K

252 matches found

OSV
OSV
added 2022/09/19 12:0 a.m.5 views

GHSA-Q4Q5-C5CV-2P68 Vuetify Cross-site Scripting vulnerability

The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...

5.4CVSS6.1AI score0.0066EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2022/09/19 12:0 a.m.49 views

Vuetify Cross-site Scripting vulnerability

The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...

5.4CVSS2.2AI score0.0066EPSS
Exploits1References8Affected Software2
NVD
NVD
added 2022/09/18 3:15 p.m.24 views

CVE-2022-25873

The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...

5.4CVSS0.0066EPSS
Exploits1References6
Prion
Prion
added 2022/09/18 3:15 p.m.13 views

Cross site scripting

The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...

5.8CVSS5.2AI score0.0066EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2022/09/18 2:55 p.m.18 views

CVE-2022-25873 Cross-site Scripting (XSS)

The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...

4.6CVSS6.1AI score0.0066EPSS
Exploits1References8
CVE
CVE
added 2022/09/18 2:55 p.m.112 views

CVE-2022-25873

CVE-2022-25873 affects vuetify's VCalendar component: XSS due to improper input sanitization in the eventName function. Affected versions are 2.0.0-beta.4 through 2.6.10. Root cause: inadequate sanitization enabling script injection. Impact: cross-site scripting risks in applications using these ...

5.4CVSS4.8AI score0.0066EPSS
Exploits1References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/09/18 2:50 p.m.3 views

CVE-2022-25873

The package vuetify from 2.0.0-beta.4 and before 2.6.10 are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component...

5.4CVSS6.1AI score0.0066EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2022/09/18 12:0 a.m.9 views

PT-2022-17580 · Vuetify · Vuetify

Name of the Vulnerable Software and Affected Versions: vuetify versions 2.0.0-beta.4 through 2.6.10 Description: The issue is related to Cross-site Scripting XSS due to improper input sanitization in the eventName function within the VCalendar component. This allows for potential malicious script...

5.4CVSS5.2AI score0.0066EPSS
Exploits1References12
CNNVD
CNNVD
added 2022/09/18 12:0 a.m.4 views

vuetify 跨站脚本漏洞

vuetify is a German vuetify open source material component framework for Vue. A security vulnerability exists in vuetify versions 2.0.0-beta.4 through 2.6.10, which stems from incorrect input cleanup in the "eventName" function of the VCalendar component...

5.4CVSS5.6AI score0.0066EPSS
Exploits1References7
vulnersOsv
vulnersOsv
added 2022/09/09 11:53 a.m.5 views

@appsocially/timepassport (>=0.1.2-0.1 <=0.1.29), @becompliancebr/shared-components (>=1.0.0 <=1.10.0) +73 more potentially affected by CVE-2022-25873 via vuetify (>=2.0.0 <=2.6.1)

vuetify NPM version =2.0.0, =0.1.2-0.1, =1.0.0, =1.2.5, =5.0.1-beta.0, =0.0.128, =0.0.101-beta.22, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.0.128, =0.1.0, =0.1.1 - @een/cm-timeline-sdk =0.1.8 and more Source cves: CVE-2022-25873 Source advisory: SNYK:JS-VUETIFY-3019858...

5.4CVSS6AI score0.0066EPSS
Exploits1
Snyk
Snyk
added 2022/09/09 11:53 a.m.3 views

Cross-site Scripting (XSS)

Overview vuetify is an a Material Design component framework for Vue.js. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper input sanitization in the 'eventName' function within the VCalendar component. Details Cross-site scripting or XSS is a code...

5.4CVSS5.3AI score0.0066EPSS
Exploits1References2
Kitploit
Kitploit
added 2020/05/29 12:30 p.m.107 views

Purify - All-in-one Tool For Managing Vulnerability Reports From AppSec Pipelines

All-in-one tool for managing vulnerability reports Why The goal of Purify to be an easy-in-use and efficient tool to simplify a workflow of managing vulnerabilities delivered from various tools. Purify is designed to analyze the report of any tool , if the report is in JSON or XML format. This...

7.4AI score
Exploits0References3
Rows per page
Query Builder