CVE-2022-0776 – reveal.js

Package

Manager: npm
Name: reveal.js
Vulnerable Version: >=0 <4.3.0

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.08012 pctl0.9176

Details

Cross site scripting in reveal.js The onmessage event listener in /plugin/notes/speaker-view.html does not check the origin of postMessage before adding the content to the webpage. The vulnerable code allows any origin to postMessage on the browser window and feeds attacker's input to parts using which attacker can execute arbitrary javascript code on victim's browser window hosting reveal.js

Metadata

Created: 2022-03-02T00:00:20Z
Modified: 2022-03-10T16:00:14Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-hhqj-cfjx-vj25/GHSA-hhqj-cfjx-vj25.json
CWE IDs: ["CWE-79"]
Alternative ID: GHSA-hhqj-cfjx-vj25
Finding: F008
Auto approve: 1