Description

Status Board 1.1.81 has reflected XSS via dashboard.ts.

Remediation

References

https://github.com/jameswlane/status-board/pull/948

Related Vulnerabilities

CVE-2019-17495 Vulnerability in maven package io.springfox:springfox-swagger-ui

CVE-2018-13797 Vulnerability in npm package macaddress

CVE-2020-36182 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind

CVE-2020-7754 Vulnerability in npm package npm-user-validate

CVE-2022-2079 Vulnerability in npm package nocodb

Severity

High

Classification

CWE-79 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Patch Third Party Advisory