CVE-2022-25875

Posted on 2022년 7월 13일2022년 7월 13일 by admin

CVE-2022-25875

The package svelte before 3.49.0 are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization and to improper escape of attributes when using objects during SSR (Server-Side Rendering). Exploiting this vulnerability is possible via objects with a custom toString() function.

Source: CVE-2022-25875

답글 남기기 응답 취소