CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11.
References
Link | Resource |
---|---|
https://github.com/medialize/uri.js/commit/b0c9796aa1a95a85f40924fb18b1e5da3dc8ffae | Patch Third Party Advisory |
https://huntr.dev/bounties/8c5afc47-1553-4eba-a98e-024e4cc3dfb7 | Exploit Issue Tracking Patch Third Party Advisory |
https://github.com/medialize/uri.js/commit/b0c9796aa1a95a85f40924fb18b1e5da3dc8ffae | Patch Third Party Advisory |
https://huntr.dev/bounties/8c5afc47-1553-4eba-a98e-024e4cc3dfb7 | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
History
21 Nov 2024, 06:40
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/medialize/uri.js/commit/b0c9796aa1a95a85f40924fb18b1e5da3dc8ffae - Patch, Third Party Advisory | |
References | () https://huntr.dev/bounties/8c5afc47-1553-4eba-a98e-024e4cc3dfb7 - Exploit, Issue Tracking, Patch, Third Party Advisory |
24 Jul 2023, 13:46
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-Other |
13 Apr 2022, 15:07
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:uri.js_project:uri.js:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 6.1 |
References | (CONFIRM) https://huntr.dev/bounties/8c5afc47-1553-4eba-a98e-024e4cc3dfb7 - Exploit, Issue Tracking, Patch, Third Party Advisory | |
References | (MISC) https://github.com/medialize/uri.js/commit/b0c9796aa1a95a85f40924fb18b1e5da3dc8ffae - Patch, Third Party Advisory |
05 Apr 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-05 15:15
Updated : 2024-11-21 06:40
NVD link : CVE-2022-1243
Mitre link : CVE-2022-1243
CVE.ORG link : CVE-2022-1243
JSON object : View
Products Affected
uri.js_project
- uri.js
CWE