Medium severity6.1NVD Advisory· Published Jun 4, 2018· Updated Jun 17, 2026
CVE-2017-16043
CVE-2017-16043
Description
Shout is an IRC client. Because the /topic command in messages is unescaped, attackers have the ability to inject HTML scripts that will run in the victim's browser. Affects shout >=0.44.0 <=0.49.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
shoutnpm | >= 0.44.0, < 0.50.0 | 0.50.0 |
Affected products
2- Range: >=0.44.0 <=0.49.3
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-26q7-g57v-mxcpghsaADVISORY
- github.com/erming/shout/pull/344nvdThird Party AdvisoryWEB
- nodesecurity.io/advisories/322nvdThird Party Advisory
- nvd.nist.gov/vuln/detail/CVE-2017-16043ghsaADVISORY
- www.npmjs.com/advisories/322ghsaWEB
News mentions
0No linked articles in our index yet.