0.001 Low
EPSS
Percentile
31.5%
openmct is vulnerable to cross-site scripting. The library does not properly escape the URL field in the Condition Widget element, allowing an attacker to inject and execute malicious javascript.
URL
Condition Widget
github.com/nasa/openmct/commit/abc93d0ec4b104dac1ea5f8a615d06e3ab78934a