CVE-2024-51757

N/A Unknown
Published: November 06, 2024 Modified: April 15, 2026
View on NVD

Description

happy-dom is a JavaScript implementation of a web browser without its graphical user interface. Versions of happy-dom prior to 15.10.2 may execute code on the host via a script tag. This would execute code in the user context of happy-dom. Users are advised to upgrade to version 15.10.2. There are no known workarounds for this vulnerability.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/capricorn86/happy-dom/commit/5ee0b1676d4ce20cc2a70d1c9c8d6f1e3f57efac
Source: security-advisories@github.com
https://github.com/capricorn86/happy-dom/commit/d23834c232f1cf5519c9418b073f1dcec6b2f0fd
Source: security-advisories@github.com
https://github.com/capricorn86/happy-dom/issues/1585
Source: security-advisories@github.com
https://github.com/capricorn86/happy-dom/pull/1586
Source: security-advisories@github.com
https://github.com/capricorn86/happy-dom/releases/tag/v15.10.2
Source: security-advisories@github.com
https://github.com/capricorn86/happy-dom/security/advisories/GHSA-96g7-g7g9-jxw8
Source: security-advisories@github.com

6 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.7%
71th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-79 CWE-94

Related CVEs

CVE-2026-6579 6.5
CVE-2026-6578 5.6
CVE-2026-6577 7.3
CVE-2026-6576 6.3
CVE-2026-6574 7.3