Description
Renato v0.17.0 was discovered to contain a cross-site scripting (XSS) vulnerability.
Remediation
References
http://raneto.com/
https://cwe.mitre.org/data/definitions/79.html
https://github.com/gilbitron/Raneto/releases
https://gainsec.com/2022/08/04/cve-2022-35142-cve-2022-35143-cve-2022-35144/
Related Vulnerabilities
CVE-2018-1000613 Vulnerability in maven package org.bouncycastle:bcprov-ext-jdk15on
CVE-2020-6537 Vulnerability in npm package electron
CVE-2017-16138 Vulnerability in maven package org.webjars:mime
CVE-2018-11694 Vulnerability in npm package node-sass
CVE-2022-36272 Vulnerability in maven package net.mingsoft:ms-mcms