Description
index.js in oauth2orize-fprm before 0.2.1 has XSS via a crafted URL.
Remediation
References
https://github.com/jaredhanson/oauth2orize-fprm/commit/2bf9faee787eb004abbdfb6f4cc2fb06653defd5
https://github.com/jaredhanson/oauth2orize-fprm/blob/master/SECURITY-NOTICE.md
Related Vulnerabilities
CVE-2021-23346 Vulnerability in npm package html-parse-stringify
CVE-2022-25936 Vulnerability in npm package servst
CVE-2021-4245 Vulnerability in maven package org.webjars.npm:rfc6902
CVE-2020-7642 Vulnerability in maven package org.webjars.npm:lazysizes
CVE-2023-26487 Vulnerability in maven package org.webjars.npm:vega-functions