Filtered by vendor Reduce-css-calc Project Subscriptions
Filtered by product Reduce-css-calc Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-10548 1 Reduce-css-calc Project 1 Reduce-css-calc 2024-11-21 N/A
Arbitrary code execution is possible in reduce-css-calc node module <=1.2.4 through crafted css. This makes cross sites scripting (XSS) possible on the client and arbitrary code injection possible on the server and user input is passed to the `calc` function.