0.001 Low
EPSS
Percentile
36.1%
flow-server is vulnerable to cross-site scripting. The vulnerability exists due to the use of the HTML input not sanitized before added to the template.
github.com/advisories/GHSA-jqj4-r483-4gvr
github.com/vaadin/flow/pull/5498
vaadin.com/security/cve-2019-25027