1 matches found
Cross-site Scripting (XSS)
octotree is vulnerable to cross-site scripting XSS attacks. These attacks are possible through filenames passed to the jsTree. The jsTree renders any HTML passed to it as a tree node's text...