CVE-2016-1000228
Summary: The provided connected advisories describe a DOM-based XSS vulnerability in the npm package Gmail.js (gmail-js). Affected versions contain unsafe handling in the functions tools.parse_response, helper.get.visible_emails_post, and helper.get.email_data_post, which pass user input directly...