Node.js third-party modules: [redis-commander] Reflected SWF XSS via vulnerable "clipboard.swf" component

Hi, An injection in the highlighterId parameter of the clipboard.swf component can be used to reflect JavaScript in the context of hosts running Redis Commander. Module specification Name: redis-commander Version: 0.4.5 latest release build Verified conditions Test server: Ubuntu 16.04 LTS Browse...