CVE-2017-16015

Published: Jun 4, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

Forms is a library for easily creating HTML forms. Versions before 1.3.0 did not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms may be vulnerable to cross site scripting

Vendor	Product	Versions
HackerOne	forms node module	affected `<1.3.0`

Weaknesses (CWE)

CWE-80

References

https://github.com/caolan/forms/commit/bc01e534a0ff863dedb2026a50bd03153bbc6a5d

x_refsource_MISC

https://nodesecurity.io/advisories/158

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-16015

Description

Affected Products

Weaknesses (CWE)

References