CVE-2026-3951

Name of the Vulnerable Software and Affected Versions LockerProject Locker versions 0.0.0 through 0.1.0

Description A security issue exists in LockerProject Locker. The authIsAwesome function within the Error Response Handler component, specifically in the file source-code/Locker-master/Ops/registry.js, is susceptible to cross-site scripting. Manipulation of the ID argument can lead to this issue. The attack can be initiated remotely. An exploit for this issue has been publicly released. The project maintainers were previously notified of the problem through an issue report but have not yet responded.

Recommendations Versions 0.0.0 through 0.1.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.