Description
bracket-template suffers from reflected XSS possible when variable passed via GET parameter is used in template
Remediation
References
https://hackerone.com/reports/317125
Related Vulnerabilities
CVE-2017-16224 Vulnerability in npm package st
CVE-2021-39187 Vulnerability in npm package parse-server
CVE-2022-39250 Vulnerability in npm package matrix-js-sdk
CVE-2022-0722 Vulnerability in maven package org.webjars.npm:parse-url
CVE-2021-32623 Vulnerability in maven package org.opencastproject:opencast-kernel