2 matches found
CVE-2018-3748
The CVE concerns the Node.js module glance with a stored XSS vulnerability due to unsanitized file names served by its static directory. Connected sources show affected versions include glance
CVE-2018-3748
There is a Stored XSS vulnerability in the glance node module versions element allows to execute JavaScript code against any user who opens a directory listing containing such crafted file name...