Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Emoji Button Project Subscribe
Filtered by product Emoji Button
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-43785 1 Emoji Button Project 1 Emoji Button 2021-11-30 4.3 MEDIUM 6.1 MEDIUM
@joeattardi/emoji-button is a Vanilla JavaScript emoji picker component. In affected versions there are two vectors for XSS attacks: a URL for a custom emoji, and an i18n string. In both of these cases, a value can be crafted such that it can insert a `script` tag into the page and execute malicious code.