nzedb/nzedb is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of sanitization of the page variable in the rendered 404 page, causing arbitrary scripts to execute.
CPE | Name | Operator | Version |
---|---|---|---|
nzedb/nzedb | le | 0.7.4.1 |