GHSA-gcx5-3p5f-f8vp

Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-gcx5-3p5f-f8vp/GHSA-gcx5-3p5f-f8vp.json

Aliases

• CVE-2022-23395

Published

2022-03-03T00:00:51Z

Modified

2023-03-14T05:39:35.662473Z

Details

jQuery Cookie 1.4.1 is affected by prototype pollution, which can lead to DOM cross-site scripting (XSS).

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-23395
• https://security.netapp.com/advisory/ntap-20220325-0008/
• https://snyk.io/test/npm/jquery.cookie/1.4.1?tab=issues