JavaScript

💬 Programming Languages Related 41
slug: javascript

Explanation

JavaScriptはブラウザの中で動くプログラミング言語で、ボタンを押したときの動きやページの動的な変化を担当します。 近年は Node.js でサーバー側でも使われ、Webアプリ全体で最も使われている言語のひとつです。 脆弱性の文脈では XSS (クロスサイトスクリプティング) という、攻撃者がページに悪意あるスクリプトを混入させる攻撃が代表的です。
📌 Example
npmパッケージ event-stream の事件 (2018) では、人気ライブラリに悪意あるコードが仕込まれ、暗号通貨ウォレットからお金を盗むコードが世界中の Node.js アプリに混入した。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,581

ID Title
CVE-2026-54393 Cross-Site Scripting (XSS) in CVE-2026-54393 (CVE-2026-54393)
CVE-2026-53607 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-53607)
CVE-2026-53606 Cross-Site Scripting (XSS) in CVE-2026-53606 (CVE-2026-53606)
CVE-2026-45014 Cross-Site Scripting (XSS) in CVE-2026-45014 (CVE-2026-45014)
CVE-2026-44311 Cross-Site Scripting (XSS) in fabric (CVE-2026-44311)
CVE-2026-53725 Information Disclosure in parse-server (CVE-2026-53725)
CVE-2026-53724 Cross-Site Scripting (XSS) in parse-server (CVE-2026-53724)
CVE-2026-53726 Vulnerability in parse-server (CVE-2026-53726)
CVE-2026-50008 Authorization Flaw in parse-server (CVE-2026-50008)
CVE-2026-53722 Cross-Site Scripting (XSS) in nuxt (CVE-2026-53722)
CVE-2026-53721 Vulnerability in nuxt (CVE-2026-53721)
CVE-2026-49993 Vulnerability in @nuxt/webpack-builder (CVE-2026-49993)
CVE-2026-9125 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9125)
CVE-2026-11933 A use-after-free vulnerability exists in MongoDB Server's server-side JavaScript engine when...
CVE-2026-53782 Summarize before 0.17.0 contains a server-side request forgery vulnerability that allows...
CVE-2026-46489 SolidInvoice is an open-source invoicing platform. Prior to version 2.3.17, the company logo upload feature accepts any file type without validation. An authenticated administrator can upload an SVG f...
CVE-2026-48546 Vulnerability in CVE-2026-48546 (CVE-2026-48546)
CVE-2026-49982 Vulnerability in tmp (CVE-2026-49982)
CVE-2026-40986 Cross-Site Scripting (XSS) in CVE-2026-40986 (CVE-2026-40986)
CVE-2026-53741 Cross-Site Scripting (XSS) in CVE-2026-53741 (CVE-2026-53741)
CVE-2026-0266 Cross-Site Scripting (XSS) in CVE-2026-0266 (CVE-2026-0266)
CVE-2026-20251 Unsafe Deserialization in deserialization (CVE-2026-20251)
CVE-2026-20258 Cross-Site Scripting (XSS) in splunk (CVE-2026-20258)
CVE-2026-46642 Cross-Site Scripting (XSS) in CVE-2026-46642 (CVE-2026-46642)
CVE-2026-53693 Cross-Site Scripting (XSS) in CVE-2026-53693 (CVE-2026-53693)
CVE-2026-45566 Open Redirect in nginx (CVE-2026-45566)
CVE-2026-53473 Cross-Site Scripting (XSS) in kubev2v (CVE-2026-53473)
CVE-2026-45560 Cross-Site Scripting (XSS) in c (CVE-2026-45560)
CVE-2025-71329 Vulnerability in dos (CVE-2025-71329)
CVE-2025-71330 Vulnerability in dos (CVE-2025-71330)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →