Lucene search
Veracode Vulnerability DatabaseVERACODE:34227HistoryFeb 15, 2022 - 7:00 a.m.
Cross-site Scripting (XSS)
2022-02-1507:00:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
cross-site scripting
html
svg markup
malicious javascript
browser security
EPSS
0.001
Percentile
27.5%
enshrined/svg-sanitize is vulnerable to cross-site scripting. The library uses HTML in SVG markup, allowing an attacker to inject and execute malicious javascript on victim’s browser causing system hangs.
Related
openvas
openvas
TYPO3 SVG Sanitizer Vulnerability (TYPO3-PSA-2022-001)
2022-02-25 00:00:00
cve
cve
CVE-2022-23638
2022-02-14 21:15:09
typo3
typo3
Sanitization bypass in SVG Sanitizer
2022-02-22 00:00:00
prion
prion
Cross site scripting
2022-02-14 21:15:00
cvelist
cvelist
CVE-2022-23638 Cross-site Scripting in svg-sanitizer
2022-02-14 21:10:10
nessus
nessus
freebsd
freebsd
typo3 -- XSS vulnerability in svg-sanitize
2022-02-22 00:00:00
friendsofphp
friendsofphp
A cross-site scripting vulnerability
2022-02-15 01:54:00
A cross-site scripting vulnerability
2022-02-15 01:54:00
osv
osv
CVE-2022-23638
2022-02-14 21:15:09
Cross-site Scripting in enshrined/svg-sanitize
2022-02-14 22:54:18
ubuntucve
ubuntucve
CVE-2022-23638
2022-02-14 00:00:00
github
github
Cross-site Scripting in enshrined/svg-sanitize
2022-02-14 22:54:18
nvd
nvd
CVE-2022-23638
2022-02-14 21:15:09