anahkiasen/former is vulnerable to cross-site scripting (XSS). The vulnerability exists as the value $value
in Checkable.php
is not sanitized, allowing a remote attacker to inject arbitrary Javascript into a victim’s browser through the affected parameters.
CPE | Name | Operator | Version |
---|---|---|---|
anahkiasen/former | le | 4.2.0 |