XSS
Verdaccio is vulnerable to XSS which allows malicious JavaScript packages to be executed in the user interface and steal user credentials.
Advisories for Npm/Verdaccio package
2019
Cross-site Scripting
verdaccio allows XSS.
Verdaccio is vulnerable to XSS which allows malicious JavaScript packages to be executed in the user interface and steal user credentials.
verdaccio allows XSS.