Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:35060
HistoryApr 12, 2022 - 7:07 a.m.

Cross-site Scripting (XSS)

2022-04-1207:07:41
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
27
privatebin
xss
vulnerability
attachmentviewer
malicious script execution
svg
sanitization
software

EPSS

0.001

Percentile

30.5%

privatebin is vulnerable to cross-site scripting. No sanitization in handling Attachment before sending for preview in SVG in AttachmentViewer allows malicious script execution in instance context.

EPSS

0.001

Percentile

30.5%

Related for VERACODE:35060