logo
DATABASE RESOURCES PRICING ABOUT US

Cross-site Scripting (XSS)

Description

neos/neos is vulnerable to cross-site scripting(XSS) attacks. The library does not properly escape the HTML content in notification module, allowing an attacker to inject and execute malicious javascript on victim's browser.