Lucene search
Veracode Vulnerability DatabaseVERACODE:39081HistoryFeb 02, 2023 - 6:34 a.m.
Cross-Site Scripting (XSS)
2023-02-0206:34:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
microweber
vulnerability
cross-site scripting
xss
attacks
library
special characters
output
front end
attacker
malicious javascript
browser
software
0.001 Low
EPSS
Percentile
20.3%
microweber/microweber is vulnerable to Cross-Site Scripting (XSS) attacks. The library does not properly escape the special characters before it output to the front end, allowing an attacker to inject and execute malicious JavaScript on victim’s browser.
| CPE | Name | Operator | Version |
|---|---|---|---|
| microweber/microweber | le | v1.3.1 | |
| microweber/microweber | le | v1.3.1 |
Related
osv
osv
Microweber contains Cross-site Scripting
2023-02-01 06:30:28
CVE-2023-0608
2023-02-01 06:15:09
nvd
nvd
CVE-2023-0608
2023-02-01 06:15:09
cve
cve
CVE-2023-0608
2023-02-01 06:15:09
cvelist
cvelist
CVE-2023-0608 Cross-site Scripting (XSS) - DOM in microweber/microweber
2023-02-01 00:00:00
huntr
huntr
Xss vulnerability in Button module
2022-09-29 16:11:48
cnvd
cnvd
Microweber Cross-Site Scripting Vulnerability (CNVD-2023-07919)
2023-02-09 00:00:00
prion
prion
Cross site scripting
2023-02-01 06:15:00
github
github
Microweber contains Cross-site Scripting
2023-02-01 06:30:28