Description
Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.
Remediation
References
https://www.vulnerability-lab.com/get_content.php?id=1608
https://vulners.com/securityvulns/SECURITYVULNS:DOC:32625
https://github.com/NodeBB/NodeBB/pull/3371
https://github.com/NodeBB/NodeBB/compare/56b79a9...4de7529
Related Vulnerabilities
CVE-2021-26920 Vulnerability in maven package org.apache.druid:druid-core
CVE-2020-9296 Vulnerability in maven package com.netflix.conductor:conductor-core
CVE-2021-23574 Vulnerability in npm package js-data
CVE-2018-16487 Vulnerability in maven package org.webjars.bower:lodash
CVE-2022-25301 Vulnerability in npm package jsgui-lang-essentials