Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2024-47075
- EPSS 1.32%
- Veröffentlicht 26.09.2024 18:15:08
- Zuletzt bearbeitet 15.08.2025 14:11:51
LayUI is a native minimalist modular Web UI component library. Versions prior to 2.9.17 have a DOM Clobbering vulnerability that can lead to Cross-site Scripting (XSS) on web pages where attacker-controlled HTML elements (e.g., `img` tags with unsani...
5.4
CVE-2023-50550
- EPSS 0.42%
- Veröffentlicht 30.12.2023 16:15:44
- Zuletzt bearbeitet 21.11.2024 08:37:04
layui up to v2.74 was discovered to contain a cross-site scripting (XSS) vulnerability via the data-content parameter.
6.1
CVE-2023-3691
- EPSS 0.08%
- Veröffentlicht 16.07.2023 17:15:09
- Zuletzt bearbeitet 21.11.2024 08:17:51
A vulnerability, which was classified as problematic, was found in layui up to v2.8.0-rc.16. This affects an unknown part of the component HTML Attribute Handler. The manipulation of the argument title leads to cross site scripting. It is possible to...
1