Filtered by vendor Tempura Project
Subscriptions
Filtered by product Tempura
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-23784 | 1 Tempura Project | 1 Tempura | 2024-11-21 | 5.4 Medium |
This affects the package tempura before 0.4.0. If the input to the esc function is of type object (i.e an array) it is returned without being escaped/sanitized, leading to a potential Cross-Site Scripting vulnerability. |
Page 1 of 1.