Site icon API Security Blog

Cross-site Scripting (XSS)

github.com/alexxit/go2rtc is vulnerable to DOM-based cross-site scripting (XSS). The vulnerability is due to the lack of input sanitization when appending API data using innerHTML in the index page (index.html), allowing an attacker to execute malicious scripts in the context of the go2rtc instance's…Read More

Exit mobile version