Restify · Restify · CVE-2017-16018
Name of the Vulnerable Software and Affected Versions:
restify versions 2.0.0 through 4.0.4
Description:
The issue allows an attacker to execute script in some browsers by using URL encoded script tags in a non-existent URL. This is a cross-site scripting vulnerability.
Recommendations:
For restify versions 2.0.0 through 4.0.4, update to version 4.1.0 or later.