← Back

Stage.js

stage.js

Vendor: Piqnt • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-53386
1Piqnt
1Stage.js
Jun 17, 2026
Mar 3, 2025
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Stage.js through 0.8.10 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-inject...Show more
Stage.js through 0.8.10 allows DOM Clobbering (with resultant XSS for untrusted input that contains HTML but does not directly contain JavaScript), because document.currentScript lookup can be shadowed by attacker-injected HTML elements.Show less