The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 9 | all | validator.js | < 4.7.1+dfsg1-1.1 | validator.js_4.7.1+dfsg1-1.1_all.deb |