invenio-previewer cross-site scripting vulnerability
invenio-previewer is an Invenio module for previewing files. A cross-site scripting vulnerability exists in versions prior to invenio-previewer 1.0.0a12. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability ...