High severityNVD Advisory· Published Jul 14, 2023· Updated Oct 22, 2024
Cross-site Scripting (XSS) - DOM in plaidweb/webmention.js
CVE-2023-3672
Description
Cross-site Scripting (XSS) - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
webmention.jsnpm | < 0.5.5 | 0.5.5 |
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- github.com/advisories/GHSA-r54g-4qq6-chxgghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-3672ghsaADVISORY
- github.com/PlaidWeb/webmention.js/blob/9457e71433c0d2430bbe767ecc5b5837140d0ee4/static/webmention.jsghsaWEB
- github.com/plaidweb/webmention.js/commit/3551b66b3e40da37fee89ecf72930c5efdc53011ghsaWEB
- huntr.dev/bounties/75cfb7ad-a75f-45ff-8688-32a9c55179aaghsaWEB
News mentions
0No linked articles in our index yet.