Cross-site Scripting (XSS)
Discription
urql/next is vulnerable to Cross-site scripting (XSS). The vulnerability is due to improper sanitization of HTML-like characters in the response stream. An attacker can inject malicious scripts by ensuring that the response returns html tags and that the web-application is using streamed responses…Read More
References
Back to Main