Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2025-66563
- EPSS 0.05%
- Veröffentlicht 04.12.2025 22:34:10
- Zuletzt bearbeitet 17.12.2025 16:12:09
Monkeytype is a minimalistic and customizable typing test. In 25.49.0 and earlier, there is improper handling of user input which allows an attacker to execute malicious javascript on anyone viewing a malicious quote submission. quote.text and quote....
5.4
CVE-2025-59838
- EPSS 0.02%
- Veröffentlicht 25.09.2025 15:16:14
- Zuletzt bearbeitet 28.10.2025 16:15:38
Monkeytype is a minimalistic and customizable typing test. In versions 25.36.0 and prior, improper handling of user input when loading a saved custom text results in XSS. This issue has been fixed in version 25.44.0.
9.6
CVE-2024-41127
- EPSS 1.08%
- Veröffentlicht 02.08.2024 15:16:36
- Zuletzt bearbeitet 11.09.2024 14:52:15
Monkeytype is a minimalistic and customizable typing test. Monkeytype is vulnerable to Poisoned Pipeline Execution through Code Injection in its ci-failure-comment.yml GitHub Workflow, enabling attackers to gain pull-requests write access. The ci-fai...
1