EPSS
Percentile
29.3%
selectize-plugin-a11y is vulnerable to cross-site scripting (XSS). The vulnerability exists due to improper handling of the msg field which allows a malicious user to inject and execute arbitrary Javascript through it.
msg
github.com/SLMNBJ/selectize-plugin-a11y/commit/99c14f7644fdfc815625d7b54829e6c2dca31a8b
github.com/SLMNBJ/selectize-plugin-a11y/pull/9
www.npmjs.com/package/selectize-plugin-a11y/v/1.1.0