Filtered by vendor Tempura Project
Subscribe
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-23784 | 1 Tempura Project | 1 Tempura | 2021-11-05 | 4.3 MEDIUM | 6.1 MEDIUM |
| This affects the package tempura before 0.4.0. If the input to the esc function is of type object (i.e an array) it is returned without being escaped/sanitized, leading to a potential Cross-Site Scripting vulnerability. | |||||