Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2022-24762
HistoryMar 14, 2022 - 11:15 p.m.

CVE-2022-24762

2022-03-1423:15:08
Google
osv.dev
7
sysend.js
cross-origin communication
intercepted
same browser
patched
workaround
communications

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

49.3%

JSON

sysend.js is a library that allows a user to send messages between pages that are open in the same browser. Users that use cross-origin communication may have their communications intercepted. Impact is limited by the communication occurring in the same browser. This issue has been patched in sysend.js version 1.10.0. The only currently known workaround is to avoid sending communications that a user does not want to have intercepted via sysend messages.

Related

prion 1
cvelist 1
nvd 1
veracode 1
github 1
cve 1
osv 1
vulnrichment 1
prion
prion
Cross site scripting
2022-03-14 23:15:00
cvelist
cvelist
CVE-2022-24762 Exposure of Sensitive Information to an Unauthorized Actor in sysend.js
2022-03-14 22:50:10
nvd
nvd
CVE-2022-24762
2022-03-14 23:15:08
veracode
veracode
Information Disclosure
2022-03-15 10:56:17
github
github
Leaking of user information on Cross-Domain communication in sysend
2022-03-14 22:43:23
cve
cve
CVE-2022-24762
2022-03-14 23:15:08
osv
osv
Leaking of user information on Cross-Domain communication in sysend
2022-03-14 22:43:23
vulnrichment
vulnrichment
CVE-2022-24762 Exposure of Sensitive Information to an Unauthorized Actor in sysend.js
2022-03-14 22:50:10

AI Score

6.9

Confidence

High

EPSS

0.001

Percentile

49.3%

JSON
Related for OSV:CVE-2022-24762
prion1cvelist1nvd1veracode1github1cve1osv1vulnrichment1