Skip to main content

Public Js

2 CVEs product

Monthly

CVE-2018-3747 npm MEDIUM POC PATCH This Month

The public node module versions <= 1.0.3 allows to embed HTML in file names, which (in certain conditions) might lead to execute malicious JavaScript. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Public Js
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-3731 npm HIGH POC PATCH This Week

public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Public Js
NVD
CVSS 3.1
7.5
EPSS
2.0%
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

The public node module versions <= 1.0.3 allows to embed HTML in file names, which (in certain conditions) might lead to execute malicious JavaScript. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Public Js
NVD
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Public Js
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy