Skip to main content

Privilege Issues

CVE-2022-23923

Severity High
Score 9.8/10

Summary

All versions of package jailed are vulnerable to Sandbox Bypass via an exported "alert()" method which can access the main application. Exported methods are stored in the "application.remote" object.

  • LOW
  • NETWORK
  • HIGH
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • HIGH

CWE-265 - Privilege Issues

Weaknesses in this category occur with improper handling, assignment, or management of privileges. A privilege is a property of an agent, such as a user. It lets the agent do things that are not ordinarily allowed. For example, there are privileges which allow an agent to perform maintenance functions such as restart a computer.

Advisory Timeline

  • Published