CVE-2021-36713

CVE-2021-36713

Cross Site Scripting (XSS) vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function _fnCreateCookie. NOTE: 1.9.2 is a version from 2012.

Published Mar 8, 2023

https://github.com/advisories/GHSA-8q87-cc79-vwjj

CVSS ScoreMedium

6.1

Vulnerabilities

CVE-2021-36713

Published Mar 8, 2023

https://github.com/advisories/GHSA-8q87-cc79-vwjj

CVSS ScoreMedium

6.1

CVE-2021-36713 Security Details

CVE ID: CVE-2021-36713
CWE: CWE-79
CVE Description: Cross Site Scripting (XSS) vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function _fnCreateCookie. NOTE: 1.9.2 is a version from 2012.
Published: Mar 8, 2023
CVSS Score & Severity: 6.1Medium
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score: 0.341%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: https://github.com/advisories/GHSA-8q87-cc79-vwjjTHIRD_PARTY

CVE-2021-36713 Security Details

CVE ID: CVE-2021-36713
CWE: CWE-79
CVE Description: Cross Site Scripting (XSS) vulnerability in the DataTables plug-in 1.9.2 for jQuery allows attackers to run arbitrary code via the sBaseName parameter to function _fnCreateCookie. NOTE: 1.9.2 is a version from 2012.
Published: Mar 8, 2023
CVSS Score & Severity: 6.1Medium
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score: 0.341%
Malware: malware
KEV Status: Not in KEV Catalog: No known exploits
Affected Ecosystems: affected
Source: National Vulnerability Database
References: https://github.com/advisories/GHSA-8q87-cc79-vwjjTHIRD_PARTY

Find vulnerabilities. Fix fast with AI.

CVE-2021-36713

CVE-2021-36713 Security Details

CVE-2021-36713 Security Details