Security Advisory

CVE-2022-25875

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-07-12 14:20:17

Last updated 2024-09-17 04:14:01

Assigner snyk

State PUBLISHED

Description

The package svelte before 3.49.0 are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization and to improper escape of attributes when using objects during SSR (Server-Side Rendering). Exploiting this vulnerability is possible via objects with a custom toString() function.

← Browse all CVEs View on cve.org ↗