2 matches found
H5P-Nodejs-library 安全漏洞
H5P-Nodejs-library is a collection of server-side and client-side packages open-sourced by Lumi that can be used to use h5p in nodejs backends. A security vulnerability exists in H5P-Nodejs-library versions prior to 9.3.3, which stems from not calling sanitizeHtml on a plain text string...
CVE-2022-2986
Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk...