Lucene search
Veracode Vulnerability DatabaseVERACODE:21681HistoryOct 11, 2019 - 3:43 a.m.
Cross-Site Scripting (XSS)
2019-10-1103:43:30
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
EPSS
0.001
Percentile
29.3%
PrettyPhoto is vulnerable to DOM-based cross-site scripting (XSS). The attack is possible because it fails to encode special characters from user provided data after the # in the URL. The vulnerability exists in the getHashtag function of js/jquery.prettyPhoto.js, allowing an attacker to inject arbitrary Javascript into a victimβs browser.
Related
prion
prion
Cross site scripting
2019-10-10 17:15:00
cve
cve
CVE-2015-9478
2019-10-10 17:15:16
cvelist
cvelist
CVE-2015-9478
2019-10-10 16:19:15
nvd
nvd
CVE-2015-9478
2019-10-10 17:15:16