An attacker with access to the web application that...
Moderate severity
Unreviewed
Published
Feb 7, 2024
to the GitHub Advisory Database
Description
Published by the National Vulnerability Database
Feb 6, 2024
Published to the GitHub Advisory Database
Feb 7, 2024
An attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "autorefresh" parameter.
References