EPSS
Percentile
29.7%
uri.js is vulnerable to cross-site scripting. The vulnerability exists due to a lack of sanitization of \r (CR), \n, (LF) \t (TAB) of the URI allowing an attacker to inject maliciously crafted script into the system.
\r
\n
\t
github.com/medialize/uri.js/commit/b0c9796aa1a95a85f40924fb18b1e5da3dc8ffae
huntr.dev/bounties/8c5afc47-1553-4eba-a98e-024e4cc3dfb7