📦

litespeed.js

Vendor: litespeed.js_project

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 5.38% Exploit Prob.

Latest CVE CVE-2021-23682 Feb 16

Security Vulnerability Index

Page 1 / 1

7.3 CVSS

CVE-2021-23682

This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution vulnerability.

EPSS: 5.38%

Severity: HIGH

Feb 16, 2022

Displaying 1 of 1 Total Entries

Total 1 Sections