CVE-2018-16481

Name of the Vulnerable Software and Affected Versions html-page versions prior to 2.1.1 html-pages (affected versions not specified)

Description A Cross-Site Scripting (XSS) issue was discovered, allowing malicious JavaScript code to be executed in the user's browser due to the lack of sanitization of folder names and paths before rendering. This enables attackers to execute arbitrary JavaScript in the victim's browser through folders with names containing malicious code.

Recommendations For html-page versions prior to 2.1.1, consider using an alternative package until a fix is made available. For html-pages, consider using an alternative package until a fix is made available.