Description
The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability via a malicious filename rendered in a directory listing.
Remediation
References
https://hackerone.com/reports/665302
Related Vulnerabilities
CVE-2022-2390 Vulnerability in maven package com.google.android.gms:play-services-basement
CVE-2019-20503 Vulnerability in maven package org.webjars.npm:electron
CVE-2019-1010260 Vulnerability in maven package com.github.shyiko:ktlint
CVE-2021-29486 Vulnerability in npm package cumulative-distribution-function
CVE-2023-31718 Vulnerability in npm package @frangoteam/fuxa