Skip to main content

Firebase Javascript Sdk

1 CVEs product

Monthly

CVE-2024-11023 npm MEDIUM PATCH This Month

Firebase JavaScript SDK utilizes a "FIREBASE_DEFAULTS" cookie to store configuration data, including an "_authTokenSyncURL" field used for session synchronization. Rated medium severity (CVSS 5.2), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Firebase Javascript Sdk
NVD GitHub
CVSS 4.0
5.2
EPSS
0.1%
EPSS 0% CVSS 5.2
MEDIUM PATCH This Month

Firebase JavaScript SDK utilizes a "FIREBASE_DEFAULTS" cookie to store configuration data, including an "_authTokenSyncURL" field used for session synchronization. Rated medium severity (CVSS 5.2), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Firebase Javascript Sdk
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy