Description
keystone is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Remediation
References
https://github.com/keystonejs/keystone/commit/96bf833a23b1a0a5d365cf394467a943cc481b38
https://huntr.dev/bounties/c9d7374f-2cb9-4bac-9c90-a965942f413e
Related Vulnerabilities
CVE-2022-25883 Vulnerability in maven package org.webjars.npm:semver
CVE-2018-14718 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2012-4534 Vulnerability in maven package org.apache.tomcat:coyote
CVE-2022-42466 Vulnerability in maven package org.apache.isis.commons:isis-commons
CVE-2022-36033 Vulnerability in maven package org.jsoup:jsoup