Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:39250
HistoryFeb 14, 2023 - 3:19 a.m.

Cross-site Scripting (XSS)

2023-02-1403:19:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
37
cross-site scripting
vulnerability
richtextfield
javascript
react applications

EPSS

0.001

Percentile

42.2%

JSON

react-admin is vulnerable to Cross-site Scripting (XSS). The vulnerability exists because the dangerouslySetInnerHTML attribute in RichTextField.tsx does not sanitize on the client side. If the data isn’t sanitized server-side, the RichTextField attribute allows an attacker to inject and execute malicious javascript in all React applications built with the ``.

Related

osv 2
prion 1
cve 1
github 1
nvd 1
cvelist 1
wallarmlab 1
osv
osv
Cross-Site-Scripting attack on `<RichTextField>`
2023-02-14 00:32:21
CVE-2023-25572
2023-02-13 21:15:15
prion
prion
Cross site scripting
2023-02-13 21:15:00
cve
cve
CVE-2023-25572
2023-02-13 21:15:15
github
github
Cross-Site-Scripting attack on `<RichTextField>`
2023-02-14 00:32:21
nvd
nvd
CVE-2023-25572
2023-02-13 21:15:15
cvelist
cvelist
CVE-2023-25572 React-Admin vulnerable to Cross-Site-Scripting attack on `<RichTextField>`
2023-02-13 20:49:54
wallarmlab
wallarmlab
Predictions for 2023 from Latest API Threat Research | API Security Newsletter
2023-03-09 13:10:48

EPSS

0.001

Percentile

42.2%

JSON
Related for VERACODE:39250
osv2prion1cve1github1nvd1cvelist1wallarmlab1