RSS   Podatności dla 'Emoji button'   RSS

2021-11-26
 
CVE-2021-43785

CWE-79
 

 
@joeattardi/emoji-button is a Vanilla JavaScript emoji picker component. In affected versions there are two vectors for XSS attacks: a URL for a custom emoji, and an i18n string. In both of these cases, a value can be crafted such that it can insert a `script` tag into the page and execute malicious code.

 


Copyright 2024, cxsecurity.com

 

Back to Top