Lucene search
Veracode Vulnerability DatabaseVERACODE:37706HistoryOct 28, 2022 - 1:10 a.m.
Cross-site Scripting (XSS)
2022-10-2801:10:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
cross-site scripting
remote attacker
javascript execution
parser.php
vulnerability
EPSS
0.001
Percentile
34.0%
joyqi/hyper-down is vulnerable to cross-site scripting (XSS). The library does not properly escape the href attribute in Parser.php, which allows a remote attacker to inject and execute malicious JavaScript.
Related
prion
prion
Cross site scripting
2022-10-26 05:15:00
cve
cve
CVE-2022-25849
2022-10-26 05:15:08
osv
osv
HyperDown vulnerable to Cross-site Scripting
2022-10-26 12:00:29
cvelist
cvelist
CVE-2022-25849 Cross-site Scripting (XSS)
2022-10-26 05:05:09
nvd
nvd
CVE-2022-25849
2022-10-26 05:15:08
github
github
HyperDown vulnerable to Cross-site Scripting
2022-10-26 12:00:29