Lucene search
Veracode Vulnerability DatabaseVERACODE:5461HistoryNov 20, 2017 - 4:55 a.m.
Cross-site Scripting (XSS)
2017-11-2004:55:55
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
31.5%
filp/whoops is vulnerable to cross-site scripting (XSS) attacks. The library does not sanitize the parameters in the dump() function in the src/Whoops/Util/TemplateHelper.php file before printing them, allowing a malicious user to inject and execute arbitrary web script.
| CPE | Name | Operator | Version |
|---|---|---|---|
| filp/whoops | le | 2.1.12 |
Related
prion
prion
Cross site scripting
2017-11-17 21:29:00
osv
osv
CVE-2017-16880
2017-11-17 21:29:00
filp whoops Cross-site Scripting vulnerability
2022-05-17 00:19:10
github
github
filp whoops Cross-site Scripting vulnerability
2022-05-17 00:19:10
nvd
nvd
CVE-2017-16880
2017-11-17 21:29:00
cve
cve
CVE-2017-16880
2022-10-03 16:23:23
cvelist
cvelist
CVE-2017-16880
2022-10-03 16:23:23