CVE-2017-1000463
Leafpub 1.2.0-beta6 is affected by a stored cross-site scripting vulnerability on the edit blog post page. The issue, caused by improper input handling, can allow an attacker to inject JavaScript, potentially disrupting service and executing code in a user’s browser. Multiple sources confirm the ...