Algernon Project: >> Algernon >> 0.45 Security Vulnerabilities
All versions of the package github.com/xyproto/algernon/engine; all versions of the package github.com/xyproto/algernon/themes are vulnerable to Cross-site Scripting (XSS) via the themes.NoPage(filename, theme) function due to improper user input sanitization. Exploiting this vulnerability is possible when a file/resource is not found.
CVSS Score
5.4
EPSS Score
0.002
Published
2023-05-31