CVE-2020-8823

CVE-2020-8823

EPSS 1.8%

htmlfile in lib/transport/htmlfile.js in SockJS before 0.3.0 is vulnerable to Reflected XSS via the /htmlfile c (aka callback) parameter.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/theyiyibest/Reflected-XSS-on-SockJS https://github.com/theyiyibest/Reflected-XSS-on-SockJS/issues/1 https://snyk.io/vuln/SNYK-JS-SOCKJS-548397 https://www.sockjs.org