Lucene search
Veracode Vulnerability DatabaseVERACODE:39006HistoryJan 25, 2023 - 10:55 a.m.
Cross-Site Scripting (XSS)
2023-01-2510:55:24
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
cross-site scripting
builder.io/qwik
render-ssr.ts
vulnerability
javascript
user inputs
EPSS
0.001
Percentile
26.7%
@builder.io/qwik is vulnerable to Cross-Site Scripting (XSS). The vulnerability exists due to improper sanitization of user inputs in render-ssr.ts, which allows an attacker to inject and execute arbitrary JavaScript.
Related
cvelist
cvelist
CVE-2023-0410 Cross-site Scripting (XSS) - Generic in builderio/qwik
2023-01-20 00:00:00
github
github
@builder.io/qwik vulnerable to Cross-site Scripting
2023-01-20 03:30:28
prion
prion
Cross site scripting
2023-01-20 01:15:00
osv
osv
CVE-2023-0410
2023-01-20 01:15:10
@builder.io/qwik vulnerable to Cross-site Scripting
2023-01-20 03:30:28
huntr
huntr
Attributes are not properly handled leading to XSS
2022-12-19 13:17:01
nvd
nvd
CVE-2023-0410
2023-01-20 01:15:10
cve
cve
CVE-2023-0410
2023-01-20 01:15:10