CVE-2024-26468

Name of the Vulnerable Software and Affected Versions jstrieb/urlpages versions before commit 035b647

Description A DOM based cross-site scripting (XSS) vulnerability in the component index.html of jstrieb/urlpages allows attackers to execute arbitrary Javascript via sending a crafted URL.

Recommendations For versions before commit 035b647, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the index.html component to minimize the risk of exploitation. Avoid using crafted URLs that could trigger the execution of arbitrary Javascript until the issue is resolved.