Cross site scripting (XSS) in meldekarten generator

Meldekarten generator is an open source project to create a program, running locally in the browser without the need for an internet-connection, to create, store and print registration cards for volunteers. All text fields on the webpage are vulnerable to XSS attacks. The user input isn't (fully) sanitized after submission. This issue has been addressed in commit `77e04f4af` which is included in the `1.0.0b1.1.2` release. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Meldekarten Generator 跨站脚本漏洞

Meldekarten Generator是jucktnich个人开发者的一个创建程序的项目。 Meldekarten generator 1.0.0b1.1.1及之前版本存在跨站脚本漏洞，该漏洞源于网页上的所有文本字段都容易受到 XSS 攻击，用户输入在提交后未完全清理。

N/A

N/A