rsshub is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to the improper sanitisation of special characters in parameter.js
which allows an attacker to inject and execute malicious JavaScript into the browser.
CPE | Name | Operator | Version |
---|---|---|---|
rsshub | le | 1.0.0-master.c8f06fe | |
rsshub | le | 1.0.0-master.c8f06fe |