webtorrent is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary Javascript into a victim’s browser via the title
or filename
parameters in the metadata of a torrent file.
CPE | Name | Operator | Version |
---|---|---|---|
webtorrent | le | 0.107.5 |