Lucene search
MitreVULNRICHMENT:CVE-2023-44270HistorySep 29, 2023 - 12:00 a.m.
CVE-2023-44270
2023-09-2900:00:00
mitre
github.com
postcss
cve-2023-44270
linters
untrusted css
comment inclusion
An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment.
Related
ibm
ibm
github
github
PostCSS line return parsing error
2023-09-30 00:31:10
debiancve
debiancve
CVE-2023-44270
2023-09-29 22:15:11
osv
osv
PostCSS line return parsing error
2023-09-30 00:31:10
CVE-2023-44270
2023-09-29 22:15:11
cvelist
cvelist
CVE-2023-44270
2023-09-29 00:00:00
nvd
nvd
CVE-2023-44270
2023-09-29 22:15:11
cve
cve
CVE-2023-44270
2023-09-29 22:15:11
ubuntucve
ubuntucve
CVE-2023-44270
2023-09-29 00:00:00
prion
prion
Code injection
2023-09-29 22:15:00
veracode
veracode
Improper Input Validation
2023-10-10 05:41:05
AI Score
6.5
Confidence
Low
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-44270