logo
DATABASE RESOURCES PRICING ABOUT US

Cross-Site Scripting in status-board

Description

All versions of `status-board` are vulnerable to Cross-Site Scripting. The `renderJsDashboard()` function concatenates the `safeDashboard` variable to the HTTP response message with insufficient sanitization. If this variable is controlled by user input it may allow attackers to execute arbitrary JavaScript in a victim's browser. ## Recommendation No fix is currently available. Consider using an alternative package until a fix is made available.


Affected Software


CPE Name Name Version
status-board 1.1.82

Related