Description
Characters in the GET url path are not properly escaped and can be reflected in the server response.
Remediation
References
https://snyk.io/vuln/SNYK-JS-IOBROKERWEB-534971
Related Vulnerabilities
CVE-2022-36899 Vulnerability in maven package com.compuware.jenkins:compuware-ispw-operations
CVE-2022-40955 Vulnerability in maven package org.apache.inlong:sort-connector-base
CVE-2020-11979 Vulnerability in maven package org.apache.ant:ant
CVE-2018-11698 Vulnerability in npm package node-sass
CVE-2021-26118 Vulnerability in maven package org.apache.activemq:artemis-openwire-protocol