Lucene search
Veracode Vulnerability DatabaseVERACODE:3899HistoryApr 17, 2017 - 2:22 a.m.
Cross-site Scripting (XSS)
2017-04-1702:22:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.001 Low
EPSS
Percentile
29.5%
Morris.js is vulnerable to cross-site scripting (XSS) attacks. These attacks are possible through the hovering label names. These labels aren’t escaped so if these labels are attacker controlled, malicious script can be executed client side each time a graph is loaded.
Related
osv
osv
CVE-2017-16022
2018-06-04 19:29:01
Cross-Site Scripting in morris.js
2018-11-09 17:46:30
github
github
Cross-Site Scripting in morris.js
2018-11-09 17:46:30
cve
cve
CVE-2017-16022
2018-06-04 19:29:01
prion
prion
Code injection
2018-06-04 19:29:00
cvelist
cvelist
CVE-2017-16022
2018-04-26 00:00:00
nvd
nvd
CVE-2017-16022
2018-06-04 19:29:01
nodejs
nodejs
Cross-Site Scripting
2017-01-24 23:02:32