Lucene search
Veracode Vulnerability DatabaseVERACODE:39826HistoryMar 18, 2023 - 10:00 a.m.
Cross-site Scripting (XSS)
2023-03-1810:00:50
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
cross-site scripting
vulnerability
sanitization
malicious url
javascript payload
browser.
EPSS
0.001
Percentile
33.1%
streamlit is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to a lack of sanitization in the path parameter in components.py; an attacker is able to trick the user into visiting a malicious URL which executes the malicious JavaScript payload into the browser.
Related
nvd
nvd
CVE-2023-27494
2023-03-16 21:15:13
osv
osv
PYSEC-2023-50
2023-03-16 21:15:00
CVE-2023-27494
2023-03-16 21:15:13
Streamlit publishes previously-patched Cross-site Scripting vulnerability
2023-03-17 14:43:03
cve
cve
CVE-2023-27494
2023-03-16 21:15:13
cvelist
cvelist
CVE-2023-27494 Streamlit Cross-site Scripting vulnerability
2023-03-16 20:29:17
github
github
Streamlit publishes previously-patched Cross-site Scripting vulnerability
2023-03-17 14:43:03
prion
prion
Cross site scripting
2023-03-16 21:15:00