CVE-2024-26467 Information

Feb 29, 2024 cve

Description

A DOM based cross-site scripting (XSS) vulnerability in the component generator.html of tabatkins/railroad-diagrams before commit ea9a123 allows attackers to execute arbitrary Javascript via sending a crafted URL.

Reference

https://gist.github.com/cd80/50463b0e62067ec861b7006cbf46b068

Share on: