metascraper is vulnerable to cross-site scripting (XSS) attacks. The library does not sanitize its input, allowing a malicious user to inject and execute arbitrary code by means of a website that is scraped by the library.
CPE | Name | Operator | Version |
---|---|---|---|
metascraper | le | 5.1.1 | |
metascraper | le | 5.1.1 |