Fluid Attacks Database

Description

tarteaucitron.js vulnerable to Cross-site Scripting Cross-site Scripting (XSS) - Stored in GitHub repository amauric/tarteaucitron.js prior to v1.13.1.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
npm	tarteaucitronjs	>=0 <1.13.1	1.13.1

Aliases

1. CVE-2023-36202. NVD-2023-36203. OSV-2023-36204. GCVE-2023-3620

References

1. https://github.com/amauric/tarteaucitron.js/commit/c4c2fcf2b2212ce968bdcae145bb74283c441e5f2. https://github.com/AmauriC/tarteaucitron.js/releases/tag/v1.13.13. https://huntr.dev/bounties/a0fd0671-f051-4d41-8928-9b19819084c9