Description
verdaccio before 3.12.0 allows XSS.
Remediation
References
https://github.com/verdaccio/verdaccio/security/advisories/GHSA-78j5-gcmf-vqc8
Related Vulnerabilities
CVE-2020-11050 Vulnerability in maven package org.java-websocket:java-websocket
CVE-2020-28450 Vulnerability in npm package decal
CVE-2020-14968 Vulnerability in maven package org.webjars.bowergithub.kjur:jsrsasign
CVE-2020-8127 Vulnerability in maven package org.webjars:reveal.js
CVE-2022-40929 Vulnerability in maven package com.xuxueli:xxl-job-core