Headline
GHSA-f8hv-rx9p-f9r4: generator-hottowel Cross-site Scripting vulnerability
A vulnerability, which was classified as problematic, was found in generator-hottowel 0.0.11. Affected is an unknown function of the file app/templates/src/server/_app.js of the component 404 Error Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is c17092fd4103143a9ddab93c8983ace8bf174396. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-221484.
- GitHub Advisory Database
- GitHub Reviewed
- CVE-2016-15025
generator-hottowel Cross-site Scripting vulnerability
Moderate severity GitHub Reviewed Published Feb 20, 2023 to the GitHub Advisory Database • Updated Feb 22, 2023
Package
npm generator-hottowel (npm)
Affected versions
< 0.5.0
Description
Published by the National Vulnerability Database
Feb 20, 2023
Published to the GitHub Advisory Database
Feb 20, 2023
Last updated
Feb 22, 2023
Related news
A vulnerability, which was classified as problematic, was found in generator-hottowel 0.0.11. Affected is an unknown function of the file app/templates/src/server/_app.js of the component 404 Error Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is c17092fd4103143a9ddab93c8983ace8bf174396. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-221484.