EPSS
Percentile
37.2%
valine is vulnerable to code injection. The vulnerability is possible because the EMBED tags are not validated to enforce same-origin policy, allowing the attacker to inject HTML combined with a .pdf file.
EMBED
.pdf
github.com/xCss/Valine/issues/127