Description
bracket-template suffers from reflected XSS possible when variable passed via GET parameter is used in template
Remediation
References
https://hackerone.com/reports/317125
Related Vulnerabilities
CVE-2021-41182 Vulnerability in npm package jquery-ui
CVE-2011-2481 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2021-21368 Vulnerability in npm package msgpack5
CVE-2021-3827 Vulnerability in maven package org.keycloak:keycloak-saml-core
CVE-2022-24847 Vulnerability in maven package org.geoserver.web:gs-web-sec-jdbc