A cross-Site Scripting (XSS) vulnerability in this.showInvalid and this.showInvalidCountry in SmartyStreets liveAddressPlugin.js 3.2 allows remote attackers to inject arbitrary web script or HTML via any address parameter (e.g., street or country).
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-12-11T19:50:44

Updated: 2024-08-04T16:55:10.309Z

Reserved: 2020-12-02T00:00:00

Link: CVE-2020-29455

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-12-11T20:15:16.703

Modified: 2024-11-21T05:24:02.280

Link: CVE-2020-29455

cve-icon Redhat

No data.