Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-56200 | 1 Validator Project | 1 Validator | 2025-10-18 | N/A | 6.1 MEDIUM |
| A URL validation bypass vulnerability exists in validator.js through version 13.15.15. The isURL() function uses '://' as a delimiter to parse protocols, while browsers use ':' as the delimiter. This parsing difference allows attackers to bypass protocol and domain validation by crafting URLs leading to XSS and Open Redirect attacks. | |||||
| CVE-2021-3765 | 1 Validator Project | 1 Validator | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| validator.js is vulnerable to Inefficient Regular Expression Complexity | |||||