Description
Characters in the GET url path are not properly escaped and can be reflected in the server response.
Remediation
References
https://snyk.io/vuln/SNYK-JS-IOBROKERWEB-534971
Related Vulnerabilities
CVE-2022-25646 Vulnerability in npm package x-data-spreadsheet
CVE-2020-2258 Vulnerability in maven package org.jenkins-ci.plugins:cloudbees-jenkins-advisor
CVE-2017-16175 Vulnerability in npm package ewgaddis.lab6
CVE-2018-6184 Vulnerability in npm package next
CVE-2022-29599 Vulnerability in maven package org.apache.maven.shared:maven-shared-utils