Description
keystone is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Remediation
References
https://github.com/keystonejs/keystone/commit/96bf833a23b1a0a5d365cf394467a943cc481b38
https://huntr.dev/bounties/c9d7374f-2cb9-4bac-9c90-a965942f413e
Related Vulnerabilities
CVE-2023-29922 Vulnerability in maven package tech.powerjob:powerjob
CVE-2018-1324 Vulnerability in maven package org.apache.commons:commons-compress
CVE-2017-5617 Vulnerability in maven package com.metsci.ext.com.kitfox.svg:svg-salamander
CVE-2023-46131 Vulnerability in maven package org.grails:grails-databinding
CVE-2020-27666 Vulnerability in npm package strapi-plugin-content-manager