Description
jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| npm | @claviska/jquery-minicolors | affected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-0692 | jQuery MiniColors is a color picker built on jQuery. Prior to version 2.3.6, jQuery MiniColors is prone to cross-site scripting when handling untrusted color names. This issue is patched in version 2.3.6. |
 Github GHSA |
GHSA-crh5-vv2v-c82q | @claviska/jquery-minicolors vulnerable to Cross-site Scripting |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-03-10T21:09:21.659Z
Reserved: 2021-05-12T00:00:00.000Z
Link: CVE-2021-32850
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-02-20T22:15:10.970
Modified: 2024-11-21T06:07:52.880
Link: CVE-2021-32850
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses