CVE-2019-9738

Name of the Vulnerable Software and Affected Versions jimmykuu Gopher version 2.0

Description The issue involves a DOM-based XSS that can be exploited through specific vectors, including the '<EMBED SRC="data:image/svg+xml' substring. This allows for potential malicious script execution.

Recommendations For jimmykuu Gopher version 2.0, consider disabling the use of the <EMBED> tag with SRC attributes containing data:image/svg+xml substrings until a patch is available. Restrict access to potentially vulnerable modules or functions to minimize the risk of exploitation.