Buttercup
by Buttercup
npm: buttercup
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-20199 | Low | 0.13 | 3.1 | 0.00 | Aug 16, 2025 | A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this vulnerability is an unknown functionality of the component Vault Handler. The manipulation results in improper access controls. The attack may be performed from a remote location. A… | ||
| CVE-2007-3049 | 0.03 | — | 0.01 | Jun 6, 2007 | Cross-site scripting (XSS) vulnerability in index.php in Buttercup web file manager (BWFM) May 2007 allows remote attackers to inject arbitrary web script or HTML via the title parameter. | |||
| CVE-2023-41646 | 0.00 | — | 0.00 | Sep 7, 2023 | Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/ |
- risk 0.13cvss 3.1epss 0.00
A vulnerability was found in Buttercup buttercup-browser-extension up to 0.14.2. Affected by this vulnerability is an unknown functionality of the component Vault Handler. The manipulation results in improper access controls. The attack may be performed from a remote location. A…
- CVE-2007-3049Jun 6, 2007risk 0.03cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in index.php in Buttercup web file manager (BWFM) May 2007 allows remote attackers to inject arbitrary web script or HTML via the title parameter.
- CVE-2023-41646Sep 7, 2023risk 0.00cvss —epss 0.00
Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/