Skip to main content

Layui

3 CVEs product

Monthly

CVE-2024-47075 npm MEDIUM PATCH This Month

LayUI is a native minimalist modular Web UI component library. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Layui
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2023-50550 npm MEDIUM PATCH This Month

layui up to v2.74 was discovered to contain a cross-site scripting (XSS) vulnerability via the data-content parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Layui
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-3691 npm MEDIUM POC PATCH This Month

A vulnerability, which was classified as problematic, was found in layui up to v2.8.0-rc.16. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Layui
NVD VulDB
CVSS 3.1
6.1
EPSS
0.5%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

LayUI is a native minimalist modular Web UI component library. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Layui
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

layui up to v2.74 was discovered to contain a cross-site scripting (XSS) vulnerability via the data-content parameter. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Layui
NVD
EPSS 0% CVSS 6.1
MEDIUM POC PATCH This Month

A vulnerability, which was classified as problematic, was found in layui up to v2.8.0-rc.16. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Layui
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy