Description
verdaccio before 3.12.0 allows XSS.
Remediation
References
https://github.com/verdaccio/verdaccio/security/advisories/GHSA-78j5-gcmf-vqc8
Related Vulnerabilities
CVE-2020-28500 Vulnerability in maven package org.webjars.npm:lodash
CVE-2021-33360 Vulnerability in npm package @stoqey/gnuplot
CVE-2021-21175 Vulnerability in npm package electron
CVE-2021-44548 Vulnerability in maven package org.apache.solr:solr-core
CVE-2020-11007 Vulnerability in maven package com.shopizer:sm-core-model