EPSS
Percentile
68.1%
trafficserver is vulnerable to improper input validation. The library does not properly escape the special characters before it output to the front end, allowing an attacker to inject and execute malicious javascript.
lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
security-tracker.debian.org/tracker/CVE-2022-40743