Cross-site Scripting (XSS)
Overview @tutao/otest is a little test runner Affected versions of this package are vulnerable to Cross-site Scripting XSS via the contact viewer. An attacker can manipulate the appearance and behavior of the link button by injecting specially crafted contact data, causing the link address to be...