GHSA-r947-2crg-xc39, CVE-2022-40365
go/github.com/ouqiang/gocron
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross site scripting (XSS) vulnerability in ouqiang gocron through 1.5.3, allows attackers to execute arbitrary code via scope.row.hostname in web/vue/src/pages/taskLog/list.vue.
All versions up to 1.5.3
Unfortunately, there is no solution available yet.
2022-09-19
source |