JavaScript

💬 Programming Languages Related 41
slug: javascript

Explanation

JavaScriptはブラウザの中で動くプログラミング言語で、ボタンを押したときの動きやページの動的な変化を担当します。 近年は Node.js でサーバー側でも使われ、Webアプリ全体で最も使われている言語のひとつです。 脆弱性の文脈では XSS (クロスサイトスクリプティング) という、攻撃者がページに悪意あるスクリプトを混入させる攻撃が代表的です。
📌 Example
npmパッケージ event-stream の事件 (2018) では、人気ライブラリに悪意あるコードが仕込まれ、暗号通貨ウォレットからお金を盗むコードが世界中の Node.js アプリに混入した。

🔖 Related tags

🛡 Vulnerabilities tagged with this 1,570

ID Title
CVE-2017-1332 Cross-Site Scripting (XSS) in ibm (CVE-2017-1332)
CVE-2017-1496 Cross-Site Scripting (XSS) in ibm (CVE-2017-1496)
CVE-2017-11737 Cross-Site Scripting (XSS) in rspamd-project (CVE-2017-11737)
CVE-2017-11666 Cross-Site Scripting (XSS) in kopano (CVE-2017-11666)
CVE-2017-11651 NexusPHP V1.5 has XSS via a javascript: or data: URL in a UBBCode url tag.
CVE-2015-8013 Vulnerability in openpgpjs (CVE-2015-8013)
CVE-2017-11499 Vulnerability in dos (CVE-2017-11499)
CVE-2016-6118 Cross-Site Scripting (XSS) in ibm (CVE-2016-6118)
CVE-2016-8975 Cross-Site Scripting (XSS) in ibm (CVE-2016-8975)
CVE-2017-1245 Cross-Site Scripting (XSS) in ibm (CVE-2017-1245)
CVE-2017-1249 Cross-Site Scripting (XSS) in ibm (CVE-2017-1249)
CVE-2017-1380 Cross-Site Scripting (XSS) in ibm (CVE-2017-1380)
CVE-2017-1372 Cross-Site Scripting (XSS) in ibm (CVE-2017-1372)
CVE-2017-1203 Cross-Site Scripting (XSS) in ibm (CVE-2017-1203)
CVE-2017-2337 Cross-Site Scripting (XSS) in juniper (CVE-2017-2337)
CVE-2017-2338 Cross-Site Scripting (XSS) in juniper (CVE-2017-2338)
CVE-2017-2339 Cross-Site Scripting (XSS) in juniper (CVE-2017-2339)
CVE-2017-2335 Cross-Site Scripting (XSS) in juniper (CVE-2017-2335)
CVE-2017-2336 Cross-Site Scripting (XSS) in juniper (CVE-2017-2336)
CVE-2017-1000033 Cross-Site Scripting (XSS) in wordpress (CVE-2017-1000033)
CVE-2017-1000038 Cross-Site Scripting (XSS) in wordpress (CVE-2017-1000038)
CVE-2017-1000042 Cross-Site Scripting (XSS) in mapbox-project (CVE-2017-1000042)
CVE-2017-1000043 Cross-Site Scripting (XSS) in mapbox (CVE-2017-1000043)
CVE-2017-1000059 Cross-Site Scripting (XSS) in livehelperchat (CVE-2017-1000059)
CVE-2017-1000006 Plotly, Inc. plotly.js versions prior to 1.16.0 are vulnerable to an XSS issue.
CVE-2016-6019 Cross-Site Scripting (XSS) in ibm (CVE-2016-6019)
CVE-2016-8952 Cross-Site Scripting (XSS) in ibm (CVE-2016-8952)
CVE-2017-11202 Cross-Site Scripting (XSS) in finecms-project (CVE-2017-11202)
CVE-2017-11195 Cross-Site Scripting (XSS) in pulsesecure (CVE-2017-11195)
CVE-2016-6114 Cross-Site Scripting (XSS) in ibm (CVE-2016-6114)

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →