CVE-2019-5422
N/A
N/A
Summary
XSS in buttle npm package version 0.2.0 causes execution of attacker-provided code in the victim's browser when an attacker creates an arbitrary file on the server.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Npm, Inc. | buttle | 0.2.0 | affected |
Weaknesses
- CWE-79: Cross-site Scripting (XSS) - Stored (CWE-79)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.