CVE-2022-23395
ADVISORY - githubSummary
jQuery Cookie 1.4.1 is affected by prototype pollution, which can lead to DOM cross-site scripting (XSS).
EPSS Score: 0.00146 (0.358)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
ADVISORY - github
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
ADVISORY - gitlab
OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
NIST
CREATED
UPDATED
ADVISORY IDCVE-2022-23395
EXPLOITABILITY SCORE
2.8
EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
6.1mediumGitHub
CREATED
UPDATED
ADVISORY IDGHSA-gcx5-3p5f-f8vp
EXPLOITABILITY SCORE
2.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
6.1mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2022-23395
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
N/AlowUbuntu
CREATED
UPDATED
ADVISORY IDCVE-2022-23395
EXPLOITABILITY SCORE
2.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
6.1lowintheWild
CREATED
UPDATED
ADVISORY IDCVE-2022-23395
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-