Lucene search

K

CVE-2023-38687 Execution of arbitrary JavaScript from Svelecte item names

🗓️ 14 Aug 2023 20:17:21Reported by GitHub_MType 
vulnrichment
 vulnrichment
🔗 github.com👁 2 Views

Execution of arbitrary JavaScript from Svelecte item names. Svelecte vulnerability allows injection of arbitrary HTML into dropdown, leading to XSS attacks and potential execution of untrusted JavaScript

Show more
Related
Affected
Refs
[
  {
    "cpes": [
      "cpe:2.3:a:mskocik:svelecte:*:*:*:*:*:node.js:*:*"
    ],
    "vendor": "mskocik",
    "product": "svelecte",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "3.16.3",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
14 Aug 2023 20:21Current
5.9Medium risk
Vulners AI Score5.9
CVSS35.4
SSVCNaN
2
.json
Report