EPSS
Percentile
43.7%
owncast/owncast is vulnerable to cross-site scripting. The vulnerability exists due to the lack of validation in chat field, allowing an attacker to inject and execute malicious javascript.
github.com/owncast/owncast/commit/9a91324456eb0b487216c165e9e61ab01ac93bc3
github.com/owncast/owncast/security/advisories/GHSA-2hfj-cxw7-g45p