CVE-2020-8127

EPSS 1.2%CWE-79

Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks.

Produtos afetados

n/a · reveal.js

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://hackerone.com/reports/691977