Description
XSS in sexstatic <=0.6.2 causes HTML injection in directory name(s) leads to Stored XSS when malicious file is embed with
Remediation
References
https://hackerone.com/reports/328210
Related Vulnerabilities
CVE-2022-25881 Vulnerability in maven package org.webjars.npm:http-cache-semantics
CVE-2020-26870 Vulnerability in maven package org.webjars.bower:dompurify
CVE-2021-27516 Vulnerability in maven package org.webjars.npm:urijs
CVE-2023-25765 Vulnerability in maven package org.jenkins-ci.plugins:email-ext
CVE-2019-12041 Vulnerability in maven package org.webjars.bower:remarkable