0.001 Low
EPSS
Percentile
44.0%
teddy is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists because it does not properly escape the user-supplied input in ‘utils.js’ allowing the attacker to inject arbitrary script.
github.com/rooseveltframework/teddy/commit/64c556717b4879bf8d4c30067cf6e70d899a3dc0
github.com/rooseveltframework/teddy/pull/518
github.com/rooseveltframework/teddy/releases/tag/0.5.9