Key Information Vulnerability Overview Vulnerability Type: Cross-site Scripting (XSS) Affected Package: Version: No fixed version available Vulnerability Details Description: Due to insecure page caching, certain versions of are vulnerable to Cross-site Scripting (XSS) attacks. Attackers can inject malicious scripts into trusted websites, which will execute in users' browsers when they interact with the site. Severity: CVSS Score 4.2, Medium Risk Attack Types Affected Environments Web servers Application servers Web application environments Mitigation Measures Validate all input data in HTTP requests and filter or escape it before reflecting back to users. Encode special characters. Provide users with an option to disable client-side scripts. Redirect invalid requests. Use Content Security Policy (CSP) to disable features that could be exploited for XSS attacks. References PoC CVSS Base Scores Snyk: 4.2 Medium Risk NVD: 6.1 Medium Risk Red Hat: 4.5 Medium Risk