Lucene search
Veracode Vulnerability DatabaseVERACODE:38764HistoryJan 04, 2023 - 4:31 a.m.
Cross-site Scripting (XSS)
2023-01-0404:31:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
trafficserver vulnerability
improper input validation
malicious javascript injection
0.003 Low
EPSS
Percentile
67.9%
trafficserver is vulnerable to improper input validation. The library does not properly escape the special characters before it output to the front end, allowing an attacker to inject and execute malicious javascript.
| CPE | Name | Operator | Version |
|---|---|---|---|
| trafficserver:sid | eq | 8.1.0+ds-2 | |
| trafficserver:sid | eq | 8.1.0+ds-2 |
Related
openvas
openvas
Apache Traffic Server (ATS) 9.x < 9.1.3 XSS Vulnerability
2022-12-20 00:00:00
Fedora: Security Advisory for trafficserver (FEDORA-2022-489ea47e69)
2022-12-30 00:00:00
Fedora: Security Advisory for trafficserver (FEDORA-2022-62b61a8542)
2022-12-30 00:00:00
cnvd
cnvd
Apache Traffic Server Cross-Site Scripting Vulnerability (CNVD-2023-03922)
2022-12-21 00:00:00
cve
cve
CVE-2022-40743
2022-12-19 12:15:11
prion
prion
Input validation
2022-12-19 12:15:00
ubuntucve
ubuntucve
CVE-2022-40743
2022-12-19 00:00:00
nvd
nvd
CVE-2022-40743
2022-12-19 12:15:11
osv
osv
CVE-2022-40743
2022-12-19 12:15:11
cvelist
cvelist
CVE-2022-40743 Apache Traffic Server: Security issues with the xdebug plugin
2022-12-19 11:06:14
debiancve
debiancve
CVE-2022-40743
2022-12-19 12:15:11
nessus
nessus
Fedora 36 : trafficserver (2022-489ea47e69)
2022-12-29 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: trafficserver-9.1.4-1.fc37
2022-12-29 01:10:11
[SECURITY] Fedora 36 Update: trafficserver-9.1.4-1.fc36
2022-12-29 01:16:05