EPSS
Percentile
33.8%
iobroker.web is vulnerable to cross-site scripting (XSS). The attack is possible because it does not sanitize the characters in the URL path, allowing an attacker to inject arbitrary script through it.
github.com/ioBroker/ioBroker.web/commit/24ebb6d3714feac87570ce7a2e827fd2f91aa043