Incomplete List of Disallowed Inputs
Overview unhead is a Full-stack manager built for any framework. Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs in the hasDangerousProtocol function though the usage of HtmlEntityHex and HtmlEntityDec RegExp. An attacker can inject malicious URIs into the...