Microsoft: >> Nugetgallery Security Vulnerabilities
NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability in its handling of HTML element attributes, which allows an attacker to execute arbitrary HTML or Javascript code in a victim's browser.
CVSS Score
8.2
EPSS Score
0.001
Published
2024-10-01
A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'.
CVSS Score
5.4
EPSS Score
0.004
Published
2020-06-09