Lucene search
Veracode Vulnerability DatabaseVERACODE:46713HistoryMay 02, 2024 - 8:09 a.m.
Cross Site Scripting (XSS)
2024-05-0208:09:21
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
cross site scripting
input validation
arbitrary execution
web scripts
html
crafted payload
vulnerable software
yapi-vendor is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to insufficient input validation in its Advanced Expectation - Response module, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the body field.
| CPE | Name | Operator | Version |
|---|---|---|---|
| yapi-vendor | le | 1.12.0 | |
| yapi-vendor | le | 1.12.0 |
Related
cvelist
cvelist
CVE-2024-33831
2024-04-30 00:00:00
cve
cve
CVE-2024-33831
2024-04-30 18:15:19
nvd
nvd
CVE-2024-33831
2024-04-30 18:15:19