### [CVE-2022-1243](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1243)
![](https://img.shields.io/static/v1?label=Product&message=medialize%2Furi.js&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%201.19.11%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen)

### Description

CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11.

### POC

#### Reference
- https://huntr.dev/bounties/8c5afc47-1553-4eba-a98e-024e4cc3dfb7
- https://huntr.dev/bounties/8c5afc47-1553-4eba-a98e-024e4cc3dfb7

#### Github
No PoCs found on GitHub currently.