Cross-site Scripting (XSS)

jquery.terminal is vulnerable to cross-site scripting. The use of execHash option code from URL allows an attacker to execute malicious code via URL. Note: Javascript attribute used is added to span tag , therefore allowing no automatic execution like with onerror...