What the vulnerability does
01Description
CRHTLF can lead to invalid protocol extraction potentially leading to XSS in GitHub repository medialize/uri.js prior to 1.19.11.
CVE-2022-1243
HIGH
CVE-2022-1243: CRHTLF can lead to invalid protocol extraction potentially leading to XSS in medialize/uri.js
CVSS base score
7.2/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Key dates
02Disclosure timeline
April 5, 2022
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-27906 Windows Hello Security Feature Bypass Vulnerability
CVE-2023-40272 Apache Airflow Spark Provider Arbitrary File Read via JDBC
CVE-2023-22342
CVE-2021-34756 Cisco Firepower Threat Defense Software Command Injection Vulnerabilities
CVE-2019-1786 Clam AntiVirus PDF Out-of-Bounds Read Vulnerability
