Lucene search
Veracode Vulnerability DatabaseVERACODE:37356HistorySep 30, 2022 - 8:27 a.m.
Cross-site Scripting (XSS)
2022-09-3008:27:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
cross-site scripting
github.com/dutchcoders/transfer.sh
content type
malicious javascript
injection
0.001 Low
EPSS
Percentile
30.0%
github.com/dutchcoders/transfer.sh is vulnerable to cross-site scripting(XSS) attacks. The library is unable to determine the content type of the file inserted through ContentType metadata, which allows an attacker to inject and execute malicious javascript on victim’s browser.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/dutchcoders/transfer.sh | le | v1.4.0 | |
| github.com/dutchcoders/transfer.sh | le | v1.4.0 |
Related
prion
prion
Cross site scripting
2022-09-29 16:15:00
cve
cve
CVE-2022-40931
2022-09-29 16:15:10
osv
osv
CVE-2022-40931
2022-09-29 16:15:10
cvelist
cvelist
CVE-2022-40931
2022-09-29 15:31:45
github
github
nvd
nvd
CVE-2022-40931
2022-09-29 16:15:10