Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-4VVG-X86P-MVQC
HistoryMar 14, 2022 - 10:43 p.m.

Leaking of user information on Cross-Domain communication in sysend

2022-03-1422:43:23
Google
osv.dev
54
cross-domain communication
sysend
sensitive information
interception
browser
patch
version 1.10.0
workaround

EPSS

0.001

Percentile

49.3%

JSON

Impact

Users that use Cross-Origin communication and send sensitive information make it possible for this data to be intercepted.
This is not a big impact because it happens only on the same browser.

Patches

It has been patched in version 1.10.0

Workarounds

The only workaround is to not send sensitive information with sysend messages.

Related

prion 1
cvelist 1
osv 1
nvd 1
veracode 1
github 1
cve 1
vulnrichment 1
prion
prion
Cross site scripting
2022-03-14 23:15:00
cvelist
cvelist
CVE-2022-24762 Exposure of Sensitive Information to an Unauthorized Actor in sysend.js
2022-03-14 22:50:10
osv
osv
CVE-2022-24762
2022-03-14 23:15:08
nvd
nvd
CVE-2022-24762
2022-03-14 23:15:08
veracode
veracode
Information Disclosure
2022-03-15 10:56:17
github
github
Leaking of user information on Cross-Domain communication in sysend
2022-03-14 22:43:23
cve
cve
CVE-2022-24762
2022-03-14 23:15:08
vulnrichment
vulnrichment
CVE-2022-24762 Exposure of Sensitive Information to an Unauthorized Actor in sysend.js
2022-03-14 22:50:10

EPSS

0.001

Percentile

49.3%

JSON
Related for OSV:GHSA-4VVG-X86P-MVQC
prion1cvelist1osv1nvd1veracode1github1cve1vulnrichment1