WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2019-16148 Vulnerability in maven package org.sakaiproject:chat-base

Description

Sakai through 12.6 allows XSS via a chat user name.

Remediation

References

https://github.com/sakaiproject/sakai/pull/6971

Related Vulnerabilities

CVE-2020-5263 Vulnerability in maven package org.webjars.npm:auth0-js

CVE-2020-7637 Vulnerability in npm package class-transformer

CVE-2022-35915 Vulnerability in maven package org.webjars.npm:openzeppelin__contracts

CVE-2021-3795 Vulnerability in npm package semver-regex

CVE-2023-6886 Vulnerability in maven package com.xnx3.wangmarket:wangmarket

Severity

High

Classification

CWE-79 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Patch Third Party Advisory