XSS | SynScan

Vulnerability Database

289,599

Total vulnerabilities in the database

XSS

Withdrawn: Duplicate of GHSA-vcjj-xf2r-mwvc.

Knockout, before 3.5.0-beta, has an XSS injection point in attr name binding for browser IE7 and older.

Published: Feb 25, 2021
Updated: Apr 14, 2023
GHSA: GHSA-qfmr-6qvh-49gm
Severity: Medium
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
knockout	-	3.5.0