Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS03M3E5LTdwd2otZ200Ns0kGg
icecoder is vulnerable to Cross-site Scripting
icecoder is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Permalink: https://github.com/advisories/GHSA-73q9-7pwj-gm46JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS03M3E5LTdwd2otZ200Ns0kGg
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 3 years ago
Updated: almost 2 years ago
CVSS Score: 5.4
CVSS vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Identifiers: GHSA-73q9-7pwj-gm46, CVE-2021-3862
References:
- https://nvd.nist.gov/vuln/detail/CVE-2021-3862
- https://github.com/icecoder/icecoder/commit/51cf24b2a39138e6a7b5739ef59eb38cd7c39763
- https://huntr.dev/bounties/5c9c228e-2a39-4643-bb82-2b02a2b0a601
- https://github.com/advisories/GHSA-73q9-7pwj-gm46
Blast Radius: 1.6
Affected Packages
packagist:icecoder/icecoder
Dependent packages: 1Dependent repositories: 2
Downloads: 321 total
Affected Version Ranges: <= 8.1
No known fixed version
All affected versions: