Lazysizes
1 CVEs
product
Monthly
lazysizes through 5.2.0 allows execution of malicious JavaScript. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
XSS
Lazysizes
NVD
GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2020-7642
npm
EPSS 1%
CVSS 5.4
MEDIUM
POC
PATCH
This Month
lazysizes through 5.2.0 allows execution of malicious JavaScript. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
XSS
Lazysizes
NVD
GitHub