Description
bracket-template suffers from reflected XSS possible when variable passed via GET parameter is used in template
Remediation
References
https://hackerone.com/reports/317125
Related Vulnerabilities
CVE-2020-2139 Vulnerability in maven package org.jenkins-ci.plugins:cobertura
CVE-2020-7238 Vulnerability in maven package io.netty:netty-codec-http
CVE-2018-16487 Vulnerability in npm package lodash.merge
CVE-2020-7735 Vulnerability in npm package ng-packagr
CVE-2023-39685 Vulnerability in maven package org.hjson:hjson