Skip to content

Instantly share code, notes, and snippets.

@cd80

cd80/gist:89527424f733b2b82de876e02d163150

Last active February 14, 2024 07:18
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save cd80/89527424f733b2b82de876e02d163150 to your computer and use it in GitHub Desktop.
Save cd80/89527424f733b2b82de876e02d163150 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
- CVE ID
Not assigned yet
- Name of affected product and versions
https://github.com/stewdio/beep.js
version <= commit ef22ad7
- Problem type
Attacker can execute arbitrary javascript code in victim's browser by sending specifically crafted url that exploits DOM based XSS in beep/Beep.Instrument.js.
- Description
Cross Site Scripting (XSS) vulnerability in the component beep/Beep.Instrument.js of github repository stewdio/beep.js allows attackers to execute arbitrary javascript code via sending a crafted URL to a victim.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment