0.001 Low
EPSS
Percentile
38.3%
XSS in buttle npm package version 0.2.0 causes execution of attacker-provided code in the victim’s browser when an attacker creates an arbitrary file on the server.
hackerone.com/reports/331110