CVE-2022-30241

The jquery.json-viewer library through 1.4.0 for Node.js does not properly escape characters such as < in a JSON object, as demonstrated by a SCRIPT element.
References
Link Resource
https://www.npmjs.com/package/jquery.json-viewer Product Third Party Advisory
https://github.com/abodelot/jquery.json-viewer/pull/26 Patch Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:jquery_json-viewer_project:jquery_json-viewer:*:*:*:*:*:node.js:*:*

Information

Published : 2022-05-04 11:15

Updated : 2022-05-13 10:24


NVD link : CVE-2022-30241

Mitre link : CVE-2022-30241


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

jquery_json-viewer_project

  • jquery_json-viewer