Cross-site scripting (XSS) vulnerability in zTree 3.5.19.1 and possibly earlier allows remote malicious users to inject arbitrary web script or HTML via the id parameter to demo/en/asyncData/getNodesForBigData.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ztree project ztree |