CVE-2021-3529
CVE-2021-3529 affects noobaa-core prior to 5.7.0. The vulnerability stems from unmodified echoing of an arbitrarily named URL into HTML, allowing inline arbitrary JavaScript to be injected via the application response (cross‑site scripting risk). Affected component: noobaa-core; description consi...