Описание
metascraper before v5.2.0 vulnerable to stored cross-site scripting
Versions of metascraper prior to 5.2.0 are vulnerable to stored cross-site scripting (XSS).
Recommendation
Upgrade to version 5.2.0 or later.
Пакеты
Наименование
metascraper
npm
Затронутые версииВерсия исправления
< 5.2.0
5.2.0
Связанные уязвимости
CVSS3: 6.1
nvd
больше 7 лет назад
There is a stored Cross-Site Scripting vulnerability in Open Graph meta properties read by the `metascrape` npm module <= 3.9.2.