We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | GitHub_M |
Reserved | 2024-09-27 |
Published | 2024-10-01 |
Updated | 2024-10-01 |
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HTML or Javascript code in a victim's browser.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N |
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
https://github.com/NuGet/NuGetGallery/security/advisories/GHSA-hq63-27r7-2j64
https://github.com/NuGet/NuGetGallery/pull/10193
https://github.com/NuGet/NuGetGallery/commit/3a18689dd0de856e03d081af999783f0e6e7ca70