CVE-2013-7452Cross-site Scripting in Project Validator

CWE-79Cross-site Scripting5 documents4 sources
Severity
6.1MEDIUMNVD
EPSS
0.6%
top 31.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Validator Project ValidatorNodejs Node.js
Timeline
PublishedJan 23
Latest updateOct 24

Description

The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via a crafted javascript URI.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

NVDnodejs/node.js1.0.4

🔴Vulnerability Details

4
OSV
Moderate severity vulnerability that affects validator2017-10-24
GHSA
Moderate severity vulnerability that affects validator2017-10-24
OSV
CVE-2013-7452: The validator module before 12017-01-23
CVEList
CVE-2013-7452: The validator module before 12017-01-23
CVE-2013-7452 — Cross-site Scripting | cvebase