CVE-2023-32325
CVSS V2 None
CVSS V3 None
Description
PostHog-js is a library to interface with the PostHog analytics tool. Versions prior to 1.57.2 have the potential for cross-site scripting. Problem has been patched in 1.57.2. Users are advised to upgrade. Users unable to upgrade should ensure that their Content Security Policy is in place.
Overview
- CVE ID
- CVE-2023-32325
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-05-26T23:00:17.880Z
- Last Modified Date
- 2023-05-26T23:00:17.880Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://github.com/PostHog/posthog-js/security/advisories/GHSA-8775-5hwv-wr6v | x_refsource_CONFIRM |
https://github.com/PostHog/posthog-js/commit/67e07eb8bb271a3a6f4aa251382e4d25abb385a0 | x_refsource_MISC |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-32325 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32325 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-25 11:45:19 | Added to TrackCVE |