CVE-2022-0437

MEDIUM NUCLEI

NPM karma <6.3.14 - XSS

Title source: llm

Description

Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14.

Nuclei Templates (1)

karma-runner DOM-based Cross-Site Scripting
MEDIUMby pikpikcu

References (2)

Scores

CVSS v3 6.1
EPSS 0.2465
EPSS Percentile 96.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (2)
karma_project/karma < 6.3.14
npm/karma 0 - 6.3.14npm
Published Feb 05, 2022
Tracked Since Feb 18, 2026