CVE-2018-3735

Summary

bracket-template suffers from reflected XSS possible when variable passed via GET parameter is used in template

Affected Software

VendorProductVersion RangeStatus
HackerOnebracket-template node moduleVersions up to and including 1.1.5affected

Weaknesses

  • CWE-79: Cross-site Scripting (XSS) - Generic (CWE-79)

ADP Enrichment

CVE Program Container

Additional References

References