0.001 Low
EPSS
Percentile
36.1%
Pannellum is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary Javascript into a victim’s browser due to insufficient sanitization for data URLs such as vbscript:.
vbscript:
github.com/mpetroff/pannellum/commit/cc2f3d99953de59db908e0c6efd1c2c17f7c6914
github.com/mpetroff/pannellum/security/advisories/GHSA-m52x-29pq-w3vv