cve/CVE-2016-10548.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Arbitrary code execution is possible in reduce-css-calc node module <=1.2.4 through crafted css. This makes cross sites scripting (XSS) possible on the client and arbitrary code injection possible on the server and user input is passed to the calc function.

POC

Reference

https://gist.github.com/ChALkeR/415a41b561ebea9b341efbb40b802fc9
https://gist.github.com/ChALkeR/415a41b561ebea9b341efbb40b802fc9

Github

https://github.com/ARPSyndicate/cvemon

868 B Raw Blame History

CVE-2016-10548

Description

POC

Reference

Github

868 B

Raw Blame History