remark42 prior to 1.6.1 allows XSS, as demonstrated by "Locator: Locator{URL:" followed by an XSS payload. This is related to backend/app/store/comment.go and backend/app/store/service/service.go.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
remark42 remark42 |