derosuite
derosuite copied to clipboard
Published
20 hours ago •
deroproject
deroproject
XSS vulns in web wallet 2.1.6-2.alpha.atlantisNightly+31102018
According to retire.js:
`
| bootstrap | 4.1.3 | Found in https://wallet.dero.io/static/deps/bootstrap.min.js _____Vulnerability info:medium28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-83311 | medium | 28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331 | 1 |
|---|---|---|---|---|---|
| medium | 28236 XSS in data-template, data-content and data-title properties of tooltip/popover CVE-2019-8331 | 1 | |||
| jquery | 3.2.1 | Found in https://wallet.dero.io/static/deps/jquery-3.2.1.js _____Vulnerability info:mediumCVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution123mediumCVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS1mediumCVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS1 | medium | CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution | 123 |
| medium | CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution | 123 | |||
| medium | CVE-2020-11022 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS | 1 | |||
| medium | CVE-2020-11023 Regex in its jQuery.htmlPrefilter sometimes may introduce XSS | 1 | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/big.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/clipboard.min.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/dexie.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/FileSaver.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/i18next_11.9.1.min.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/jquery-i18next.min.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/js.cookie-2.2.0.min.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/popper.min.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/promise-worker.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/promise-worker.register.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/qrcode.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/tabulator.min.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/video.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/deps/zxing.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/translations.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/wallet_worker.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/wallet.js | |||
| - | - | Did not recognize https://wallet.dero.io/static/wasm_exec.js |
`
