parse-url-exploit Example of Cross-site Scripting (XSS) attack for parse-url npm package XSS on this package works due to improper sanitization of special ASCII characters As of writing, parse-url receives 31 million downloads per week (npm) Version in this repo: parse-url 702 This vulnerability was assigned CVE-2022-2218 nvdnistgov/vuln/detail/CVE-2022-2218 h