CVE-2020-28470

Published January 14th, 2021

View on NVD ↗

CVSS v3

7.3

HIGH

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

This affects the package @scullyio/scully before 1.0.9. The transfer state is serialised with the JSON.stringify() function and then written into the HTML page.

scullyio/scully

The Static Site Generator for Angular apps

GitHub

2.54K