JavaScript

💬 Programming Languages Related 41
slug: javascript

Explanation

JavaScriptはブラウザの中で動くプログラミング言語で、ボタンを押したときの動きやページの動的な変化を担当します。 近年は Node.js でサーバー側でも使われ、Webアプリ全体で最も使われている言語のひとつです。 脆弱性の文脈では XSS (クロスサイトスクリプティング) という、攻撃者がページに悪意あるスクリプトを混入させる攻撃が代表的です。
📌 Example
npmパッケージ event-stream の事件 (2018) では、人気ライブラリに悪意あるコードが仕込まれ、暗号通貨ウォレットからお金を盗むコードが世界中の Node.js アプリに混入した。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,581

ID Title
CVE-2026-9281 Cross-Site Scripting (XSS) in wordpress (CVE-2026-9281)
CVE-2026-8438 Cross-Site Scripting (XSS) in wordpress (CVE-2026-8438)
CVE-2026-11422 Vulnerability in CVE-2026-11422 (CVE-2026-11422)
CVE-2026-46401 Vulnerability in CVE-2026-46401 (CVE-2026-46401)
CVE-2026-46400 Unrestricted File Upload in CVE-2026-46400 (CVE-2026-46400)
CVE-2026-46493 Vulnerability in CVE-2026-46493 (CVE-2026-46493)
CVE-2026-46397 Path Traversal in CVE-2026-46397 (CVE-2026-46397)
CVE-2026-46398 Vulnerability in CVE-2026-46398 (CVE-2026-46398)
CVE-2026-45778 Cross-Site Scripting (XSS) in buffalo (CVE-2026-45778)
CVE-2026-46399 Vulnerability in CVE-2026-46399 (CVE-2026-46399)
CVE-2026-46394 OS Command Injection in CVE-2026-46394 (CVE-2026-46394)
CVE-2026-46392 HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0 of HAX CMS PHP, the `saveFile` endpoint validates upload extensions case-insensitively and writes the filen...
CVE-2026-46390 Vulnerability in CVE-2026-46390 (CVE-2026-46390)
CVE-2026-50733 Vulnerability in CVE-2026-50733 (CVE-2026-50733)
CVE-2026-48017 Code Injection in dbgate-api (CVE-2026-48017)
CVE-2026-47387 Cross-Site Scripting (XSS) in nocodb (CVE-2026-47387)
CVE-2026-47376 Cross-Site Scripting (XSS) in nocodb (CVE-2026-47376)
CVE-2026-38579 Cross-Site Scripting (XSS) in CVE-2026-38579 (CVE-2026-38579)
CVE-2026-50230 Cross-Site Scripting (XSS) in CVE-2026-50230 (CVE-2026-50230)
CVE-2026-50233 Vulnerability in CVE-2026-50233 (CVE-2026-50233)
CVE-2026-50235 Cross-Site Scripting (XSS) in CVE-2026-50235 (CVE-2026-50235)
CVE-2026-11345 Authentication Bypass in CVE-2026-11345 (CVE-2026-11345)
CVE-2026-10732 Vulnerability in path-traversal (CVE-2026-10732)
CVE-2026-21825 Cross-Site Scripting (XSS) in hcltech (CVE-2026-21825)
CVE-2026-41518 Cross-Site Scripting (XSS) in CVE-2026-41518 (CVE-2026-41518)
CVE-2025-65640 Cross-Site Scripting (XSS) in CVE-2025-65640 (CVE-2025-65640)
CVE-2026-10796 OS Command Injection in openjsf (CVE-2026-10796)
CVE-2026-43984 Cross-Site Scripting (XSS) in CVE-2026-43984 (CVE-2026-43984)
CVE-2019-25739 Cross-Site Scripting (XSS) in CVE-2019-25739 (CVE-2019-25739)
CVE-2019-25742 Cross-Site Scripting (XSS) in wordpress (CVE-2019-25742)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →