6.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.3%
A reflected cross-site scripting (XSS) in ScratchOAuth2 before commit 1603f04e44ef67dde6ccffe866d2dca16defb293 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.
github.com/ScratchVerifier/ScratchOAuth2/commit/1603f04e44ef67dde6ccffe866d2dca16defb293