Lucene search
Veracode Vulnerability DatabaseVERACODE:39146HistoryFeb 06, 2023 - 6:25 a.m.
Cross-site Scripting (XSS)
2023-02-0606:25:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
eta
cross-site scripting
file handlers
express api
user-input sanitization
malicious javascript
0.001 Low
EPSS
Percentile
27.3%
eta is vulnerable to Cross-site Scripting (XSS). The vulnerability exists in file-handlers.ts due to improper user-input sanitization from the Express API allowing an attacker to inject and execute malicious JavaScript.
Related
osv
osv
CVE-2023-23630
2023-02-01 01:15:08
XSS Attack with Express API
2023-01-31 22:39:40
cve
cve
CVE-2023-23630
2023-02-01 01:15:08
nvd
nvd
CVE-2023-23630
2023-02-01 01:15:08
prion
prion
Design/Logic Flaw
2023-02-01 01:15:00
github
github
XSS Attack with Express API
2023-01-31 22:39:40
cvelist
cvelist
CVE-2023-23630 Cross-site (XSS) vulnerability with Express API in Eta
2023-02-01 00:38:29