RSS   Vulnerabilities for 'Buttle'   RSS

2019-04-03
 
CVE-2019-5422

CWE-79
 
 
XSS in buttle npm package version 0.2.0 causes execution of attacker-provided code in the victim's browser when an attacker creates an arbitrary file on the server.

 
2018-07-05
 
CVE-2018-3766

CWE-22
 
 
Path traversal in buttle module versions <= 0.2.0 allows to read any file in the server.

 

Copyright 2024, cxsecurity.com

 

Back to Top