CVE-2020-28847

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-28847

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-28847.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-28847

Aliases

GHSA-6xvq-2gj8-4276

Published

2022-04-05T16:15:10.857Z

Modified

2025-11-14T11:03:25.720405Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Cross Site Scripting (XSS) vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment.

References

https://github.com/xCss/Valine/issues/348

Affected packages

Git / github.com/xcss/valine

Affected ranges

Type: GIT
Repo: https://github.com/xcss/valine
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

a57685fac2ce20187f985d982bf9b80574f0e0db

Affected versions

v1.*

v1.0.2

v1.0.7

v1.0.8

v1.1.0

v1.1.1

v1.1.2

v1.1.3

v1.1.4

v1.1.4-rc

v1.1.4-rc1

v1.1.4-rc2

v1.1.5

v1.1.6

v1.1.7

v1.1.7-beta

v1.1.7-beta1

v1.1.7-rc1

v1.1.7-rc2

v1.1.7-rc3

v1.1.8

v1.1.8-beta

v1.1.8-beta1

v1.1.8-beta2

v1.1.8-beta3

v1.1.8-beta4

v1.1.8-beta5

v1.1.8-beta6

v1.1.8-beta7

v1.1.8-beta8

v1.1.8-beta9

v1.1.8-rc1

v1.1.8-rc2

v1.1.8-rc3

v1.1.8-rc4

v1.1.8-rc5

v1.1.9

v1.1.9-beta

v1.1.9-beta1

v1.1.9-beta2

v1.1.9-beta3

v1.1.9-beta4

v1.1.9-beta5

v1.1.9-beta6

v1.1.9-beta7

v1.1.9-beta8

v1.1.9-beta9

v1.1.9-rc1

v1.1.9-rc2

v1.1.9-rc3

v1.2.0

v1.2.0-beta

v1.2.0-beta1

v1.2.0-beta2

v1.2.2

v1.2.3

v1.2.4

v1.2.5

v1.2.6

v1.2.7

v1.2.8

v1.2.9

v1.3.0

v1.3.1

v1.3.10

v1.3.3

v1.3.4

v1.3.5

v1.3.6

v1.3.7

v1.3.8

v1.3.9

v1.4.0

v1.4.1

v1.4.10

v1.4.11

v1.4.12

v1.4.13

v1.4.14

v1.4.2

v1.4.3

v1.4.4

v1.4.5

v1.4.6

v1.4.7

v1.4.8

v1.4.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-28847.json"