CVE-2021-20066

Medium

JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script…

tenable·NVD-CWE-noinfo·Published 2021-02-16

CVSS

5.6

EPSS

0.01

KEV

Exploits

cve.orgen

160 chars

JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.

NVDen

160 chars

JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.

# Withdrawn Advisory This advisory has been withdrawn because the user must configure jsdom to allow access to local files. # Original Description JSDom improperly allows the loading of local resources, which allows for local files to be manipulated by a malicious web page when script execution is enabled.

NVDes

192 chars

JSDom permite inapropiadamente la carga de recursos locales, lo que permite que los archivos locales sean manipulados por una página web maliciosa cuando la ejecución de script está habilitada

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	5.6	2.2	3.4	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L