Loading HuntDB...

GHSA-649c-x44h-4q7v

GitHub Security Advisory

Tnantoka/public XSS Vulnerability

✓ GitHub Reviewed MODERATE Has CVE

Advisory Details

A XSS vulnerability was found in module public <0.1.4 that allows malicious Javascript code to run in the browser, due to the absence of sanitization of the file/folder names before rendering.

Affected Packages

npm public
Affected versions: 0 (fixed in 0.1.4)

Related CVEs

Key Information

GHSA ID
GHSA-649c-x44h-4q7v
Published
February 7, 2019 6:14 PM
Last Modified
September 11, 2023 6:35 PM
CVSS Score
5.0 /10
Primary Ecosystem
npm
Primary Package
public
GitHub Reviewed
✓ Yes

Dataset

Last updated: July 1, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.