PT-2018-16191 · Npm · Metascrape
Published
2018-07-30
·
Updated
2023-01-30
·
CVE-2018-3773
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
metascraper versions prior to 5.2.0
metascrape npm module versions <= 3.9.2
Description
The issue is related to a stored Cross-Site Scripting vulnerability in Open Graph meta properties. It affects the
metascrape npm module and metascraper.Recommendations
For metascraper versions prior to 5.2.0, upgrade to version 5.2.0 or later.
For metascrape npm module versions <= 3.9.2, upgrade to a version later than 3.9.2.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Metascrape