Description
A Cross Site Scripting (XSS) vulnerability exists in Nacos 2.0.3 in auth/users via the (1) pageSize and (2) pageNo parameters.
Remediation
References
https://github.com/alibaba/nacos/issues/7359
Related Vulnerabilities
CVE-2020-8203 Vulnerability in maven package org.webjars:lodash
CVE-2022-25345 Vulnerability in npm package @discordjs/opus
CVE-2022-25904 Vulnerability in npm package safe-eval
CVE-2023-34615 Vulnerability in maven package net.pwall.json:jsonutil
CVE-2012-0391 Vulnerability in maven package org.apache.struts:struts2-core