Vendor
Pebbleroad
Products
1
CVEs
1
Across products
1
Status
Private
Products
1- Glossarizer1 CVEnpm
Recent CVEs
1| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-42515 | Cri | 0.64 | 9.9 | 0.00 | Oct 31, 2024 | Glossarizer through 1.5.2 improperly tries to convert text into HTML. Even though the application itself escapes special characters (e.g., <>), the underlying library converts these encoded characters into legitimate HTML, thereby possibly causing stored XSS. Attackers can… |
- risk 0.64cvss 9.9epss 0.00
Glossarizer through 1.5.2 improperly tries to convert text into HTML. Even though the application itself escapes special characters (e.g., <>), the underlying library converts these encoded characters into legitimate HTML, thereby possibly causing stored XSS. Attackers can…