Lucene search
Veracode Vulnerability DatabaseVERACODE:39613HistoryMar 10, 2023 - 1:57 a.m.
Cross-site Scripting (XSS)
2023-03-1001:57:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
uvdesk
community-skeleton
cross-site scripting
xss
input validation
browser.
0.001 Low
EPSS
Percentile
23.5%
uvdesk/community-skeleton is vulnerable to Cross-site Scripting (XSS). The vulnerability exists because the library does not properly validate the user-supplied input before being rendered, allowing an attacker to inject and execute malicious JavaScript in the browser.
| CPE | Name | Operator | Version |
|---|---|---|---|
| uvdesk/community-skeleton | le | v1.0.18 | |
| uvdesk/community-skeleton | le | v1.0.18 |
Related
osv
osv
CVE-2023-1197
2023-03-06 16:15:10
uvdesk/community-skeleton vulnerable to Stored Cross-site Scripting
2023-03-06 18:30:22
huntr
huntr
Cross-Site Scripting (Stored/Persistent) in Categories
2023-02-23 23:49:40
cvelist
cvelist
nvd
nvd
CVE-2023-1197
2023-03-06 16:15:10
github
github
uvdesk/community-skeleton vulnerable to Stored Cross-site Scripting
2023-03-06 18:30:22
cve
cve
CVE-2023-1197
2023-03-06 16:15:10
prion
prion
Cross site scripting
2023-03-06 16:15:00