CVE-2017-16015

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-16015
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-16015.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-16015
Aliases
Published
2018-06-04T19:29:00Z
Modified
2025-01-15T01:22:29.278699Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Forms is a library for easily creating HTML forms. Versions before 1.3.0 did not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms may be vulnerable to cross site scripting

References

Affected packages

Git / github.com/caolan/forms

Affected ranges

Type
GIT
Repo
https://github.com/caolan/forms
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

v0.*

v0.1.0
v0.1.1
v0.1.2
v0.1.3
v0.1.4
v0.10.0
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.3.0
v0.4.0
v0.4.1
v0.5.0
v0.6.0
v0.7.0
v0.8.0
v0.8.1
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v0.9.5
v0.9.6

v1.*

v1.0.0
v1.1.0
v1.1.1
v1.1.2
v1.1.3
v1.1.4
v1.2.0