vue-i18n has cross-site scripting vulnerability with prototype pollution - @intlify/core-base

Description

XSS

Recommendation

Update the @intlify/core-base package to the latest compatible version. Followings are version details:

• Affected version(s): **>= 10.0.0, < 10.0.5

  >= 9.3.0, < 9.14.2**

• Patched version(s): **10.0.5

  9.14.2**

References

• GHSA-9r9m-ffp6-9x4v
• CVE-2024-52809
• CWE-79
• CAPEC-310
• OWASP 2021-A3
• OWASP 2021-A6

Related Issues

• vue-i18n has cross-site scripting vulnerability with prototype pollution - @intlify/core - CVE-2024-52809
• vue-i18n has cross-site scripting vulnerability with prototype pollution - @intlify/vue-i18n-core - CVE-2024-52809
• vue-i18n has cross-site scripting vulnerability with prototype pollution - vue-i18n - CVE-2024-52809
• vue-i18n has cross-site scripting vulnerability with prototype pollution - CVE-2024-52809

You might also like:

How do hackers hack websites?

CSRF, XXE, and 12 Other Security Acronyms Explained

Exploiting Server Version Disclosure

Tags:

npm

@intlify/core-base