Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-hm7f-rq7q-j9xp: @builder.io/qwik vulnerable to Cross-site Scripting

@builder.io/qwik prior to version 0.16.2 is vulnerable to cross-site scripting due to attribute names and the class attribute values not being properly handled.

ghsa
Open in Source
#xss#git#perl

@builder.io/qwik vulnerable to Cross-site Scripting

Moderate severity GitHub Reviewed Published Jan 20, 2023 • Updated Jan 20, 2023

Related news

CVE-2023-0410: huntr – Security Bounties for any GitHub repository

Cross-site Scripting (XSS) - Generic in GitHub repository builderio/qwik prior to 0.1.0-beta5.

ghsa: Latest News

GHSA-g5x8-v2ch-gj2g: Vaultwarden HTML injection vulnerability
ghsa