Cross Site Scripting (XSS) vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment.
References
Link | Resource |
---|---|
https://github.com/xCss/Valine/issues/348 | Issue Tracking Third Party Advisory |
Configurations
Information
Published : 2022-04-05 09:15
Updated : 2022-04-12 12:56
NVD link : CVE-2020-28847
Mitre link : CVE-2020-28847
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
valine.js
- valine