mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 23:27:33 +02:00
0xMarcio
846 B
846 B
CVE-2020-7691
&color=brighgreen)
Description
In all versions of the package jspdf, it is possible to use <<script>script> in order to go over the filtering regex.
POC
Reference
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-575255
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-575253
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBMRRIO-575254
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-575252
- https://snyk.io/vuln/SNYK-JS-JSPDF-568273
Github
No PoCs found on GitHub currently.