← Back

Buttle

buttle

Vendor: Buttle Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-5422
1Buttle Project
1Buttle
Jun 17, 2026
Apr 3, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
XSS in buttle npm package version 0.2.0 causes execution of attacker-provided code in the victim's browser when an attacker creates an arbitrary file on the server.
CVE-2018-3766
1Buttle Project
1Buttle
Nov 21, 2024
Jul 5, 2018
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Path traversal in buttle module versions <= 0.2.0 allows to read any file in the server.