CVE-2020-7747
npm/lightning-server
Cross-site Scripting
This affects all versions of package lightning-server. It is possible to inject malicious JavaScript code as part of a session controller.
All versions
Unfortunately, there is no solution available yet.
2020-10-23
source |