EPSS
Percentile
36.5%
mayan-edms is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of sanitization of node.label in the jstree_data function of mayan/apps/cabinets/widgets.py, causing XSS attacks.
node.label
jstree_data
mayan/apps/cabinets/widgets.py
gitlab.com/mayan-edms/mayan-edms/commit/48dfc06e49c7f773749e063f8cc69c95509d1c32
gitlab.com/mayan-edms/mayan-edms/issues/495