Lucene search

K
osvGoogleOSV:GHSA-5JQ3-8437-X35P
HistoryApr 23, 2022 - 12:40 a.m.

Multiple cross-site scripting (XSS) vulnerabilities in Roundup

2022-04-2300:40:39
Google
osv.dev
12
multiple cross-site scripting
roundup
remote attackers
arbitrary web script
html
issue*

EPSS

0.004

Percentile

72.4%

Multiple cross-site scripting (XSS) vulnerabilities in Roundup before 1.4.20 allow remote attackers to inject arbitrary web script or HTML via the (1) @ok_message or (2) @error_message parameter to issue*.

EPSS

0.004

Percentile

72.4%