JavaScript

💬 Programming Languages Related 41
slug: javascript

Explanation

JavaScriptはブラウザの中で動くプログラミング言語で、ボタンを押したときの動きやページの動的な変化を担当します。 近年は Node.js でサーバー側でも使われ、Webアプリ全体で最も使われている言語のひとつです。 脆弱性の文脈では XSS (クロスサイトスクリプティング) という、攻撃者がページに悪意あるスクリプトを混入させる攻撃が代表的です。
📌 Example
npmパッケージ event-stream の事件 (2018) では、人気ライブラリに悪意あるコードが仕込まれ、暗号通貨ウォレットからお金を盗むコードが世界中の Node.js アプリに混入した。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,581

ID Title
CVE-2026-26462 Vulnerability in CVE-2026-26462 (CVE-2026-26462)
CVE-2026-45627 Cross-Site Scripting (XSS) in github.com/getarcaneapp/arcane/backend (CVE-2026-45627)
CVE-2026-46510 Vulnerability in form-data-objectizer (CVE-2026-46510)
CVE-2026-3471 Vulnerability in mattermost (CVE-2026-3471)
CVE-2026-3495 Cross-Site Scripting (XSS) in github.com/mattermost/mattermost/server/v8 (CVE-2026-3495)
CVE-2018-25327 Cross-Site Request Forgery (CSRF) in CVE-2018-25327 (CVE-2018-25327)
CVE-2018-25331 Cross-Site Scripting (XSS) in CVE-2018-25331 (CVE-2018-25331)
CVE-2026-8723 Vulnerability in qs (CVE-2026-8723)
CVE-2021-47981 Cross-Site Scripting (XSS) in csrf (CVE-2021-47981)
CVE-2021-47975 Cross-Site Scripting (XSS) in CVE-2021-47975 (CVE-2021-47975)
CVE-2021-47955 Cross-Site Scripting (XSS) in CVE-2021-47955 (CVE-2021-47955)
CVE-2020-37240 Cross-Site Scripting (XSS) in CVE-2020-37240 (CVE-2020-37240)
CVE-2020-37235 Cross-Site Scripting (XSS) in wordpress (CVE-2020-37235)
CVE-2020-37236 Cross-Site Scripting (XSS) in CVE-2020-37236 (CVE-2020-37236)
CVE-2020-37238 Cross-Site Scripting (XSS) in CVE-2020-37238 (CVE-2020-37238)
CVE-2026-46367 Duplicate Advisory: phpMyFAQ: Stored XSS via Utils::parseUrl() in comment rendering
CVE-2026-46360 Cross-Site Scripting (XSS) in phpMyFAQ/phpMyFAQ (CVE-2026-46360)
CVE-2026-46361 Cross-Site Scripting (XSS) in thorsten/phpmyfaq (CVE-2026-46361)
CVE-2026-45622 Cross-Site Scripting (XSS) in CVE-2026-45622 (CVE-2026-45622)
CVE-2021-47968 Cross-Site Scripting (XSS) in CVE-2021-47968 (CVE-2021-47968)
CVE-2021-47967 Cross-Site Scripting (XSS) in c (CVE-2021-47967)
CVE-2021-47962 Cross-Site Scripting (XSS) in CVE-2021-47962 (CVE-2021-47962)
CVE-2021-47963 Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to...
CVE-2026-45580 Cross-Site Scripting (XSS) in WWBN/AVideo (CVE-2026-45580)
CVE-2026-23695 Cross-Site Scripting (XSS) in cockpit-hq/cockpit (CVE-2026-23695)
CVE-2026-45036 OS Command Injection in tabby (CVE-2026-45036)
CVE-2026-45773 Cross-Site Request Forgery (CSRF) in turbo (CVE-2026-45773)
CVE-2026-46508 Command Injection in vercel (CVE-2026-46508)
CVE-2026-45772 Vulnerability in turbo (CVE-2026-45772)
CVE-2026-38728 Vulnerability in smtp-server (CVE-2026-38728)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →