CVE-2024-21496
CVE-2024-21496 affects all versions of the Go package github.com/greenpau/caddy-security. The vulnerability is a Cross-site Scripting (XSS) flaw via the Referer header caused by incomplete input sanitization. While some characters (e.g., &, , ", ') are escaped, the check does not cover attacks us...