2 matches found
CVE-2021-46251
A reflected cross-site scripting XSS in ScratchOAuth2 before commit 1603f04e44ef67dde6ccffe866d2dca16defb293 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request...
CVE-2021-46251
ScratchOAuth2 is affected by a reflected XSS vulnerability disclosed as CVE-2021-46251. The issue lies in the POST request handling before commit 1603f04e44ef67dde6ccffe866d2dca16defb293, where insufficient input validation/filtering allows an attacker to inject and execute arbitrary web scripts ...