Cross-Site Scripting in graylog-web-interface

All versions of graylog-web-interface are vulnerable to Cross-Site Scripting XSS. The package fails to escape output on the TypeAhead and QueryInput components, which may allow attackers to execute arbitrary JavaScript on the victim's browser. Recommendation No fix is currently available. Conside...