GHSA-WV8X-3W6R-6H7V gotortc Cross-site Scripting vulnerability

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The links page links.html appends the src GET parameter 0 in all of its links for 1-click previews. The context in which src is being appended is innerHTML 1, which will insert th...

gotortc Cross-site Scripting vulnerability

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The links page links.html appends the src GET parameter 0 in all of its links for 1-click previews. The context in which src is being appended is innerHTML 1, which will insert th...

CVE-2024-29191 GHSL-2023-205 gotortc DOM-based Cross-site Scripting vulnerability

gotortc is a camera streaming application. Versions 1.8.5 and prior are vulnerable to DOM-based cross-site scripting. The links page links.html appends the src GET parameter 0 in all of its links for 1-click previews. The context in which src is being appended is innerHTML 1, which will insert th...

CVE-2024-29191

CVE-2024-29191 affects gotortc (camera streaming app); versions 1.8.5 and earlier are vulnerable to DOM-based XSS. The vulnerability arises when links.html appends the src GET parameter into links via innerHTML, causing text to be interpreted as HTML. A patch was committed (3b3d5b033aac3a019af64f...