CVE-2024-53382
Prism (aka PrismJS) through 1.29.0 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.
- T
Tim Bastin detected CVE-2024-53382 with a risk of 1.12
- T
Tim Bastin
- T
Tim Bastin detected CVE-2024-53382 with a risk of 1.12
- T
Tim Bastin
- T
Tim Bastin detected CVE-2024-53382 with a risk of 1.12
- T
Tim Bastin
- S
Sebastian Kawelke updated the risk assessment from 1.12 to 1.42
Confidentiality Requirement updated: medium -> high, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
- S
Sebastian Kawelke updated the risk assessment from 1.12 to 1.42
Confidentiality Requirement updated: medium -> high, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
- S
Sebastian Kawelke updated the risk assessment from 1.12 to 1.42
Confidentiality Requirement updated: medium -> high, Integrity Requirement updated: medium -> high, Availability Requirement updated: medium -> high
System
System updated the risk assessment to 1.42
System recalculated raw risk assessment
System
System updated the risk assessment to 1.42
System recalculated raw risk assessment
System updated the risk assessment from 1.42 to 2.85
System recalculated raw risk assessment
System updated the risk assessment from 1.42 to 2.85
System recalculated raw risk assessment
System updated the risk assessment from 1.42 to 2.85
System recalculated raw risk assessment
System updated the risk assessment from 1.42 to 2.85
System recalculated raw risk assessment
System updated the risk assessment from 1.42 to 2.85
System recalculated raw risk assessment
System fixed CVE-2024-53382
System fixed CVE-2024-53382
System fixed CVE-2024-53382
System fixed CVE-2024-53382
System fixed CVE-2024-53382
System detected CVE-2024-53382 with a risk of 2.85
System updated the risk assessment from 2.85 to 1.42
System recalculated raw risk assessment
Add a comment
Affected component
prismjs