github.com/rancher/norman is vulnerable to Cross Site Scripting (XSS) . The vulnerability is due to a lack of URL validation within the ParseRequestURL method. An attacker can execute arbitrary JavaScript by sending a crafted payload to a public API endpoint, resulting in…Read More