Description
CyberChef before 8.31.2 allows XSS in core/operations/TextEncodingBruteForce.mjs.
Remediation
References
https://github.com/gchq/CyberChef/commit/01f0625d6a177f9c5df9281f12a27c814c2d8bcf
https://github.com/gchq/CyberChef/compare/v8.31.1...v8.31.2
https://github.com/gchq/CyberChef/issues/539
https://github.com/gchq/CyberChef/issues/544
Related Vulnerabilities
CVE-2011-1419 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core
CVE-2022-28220 Vulnerability in maven package org.apache.james:james-server-protocols-imap4
CVE-2021-21166 Vulnerability in npm package electron
CVE-2023-0842 Vulnerability in maven package org.webjars.npm:xml2js
CVE-2017-5638 Vulnerability in maven package org.apache.struts:struts2-core