CVE-2020-28470 – This affects the package @scullyio/scully before 1.0.9. The transfer state is serialised w …

Vuln ID: CVE-2020-28470

Published:  2021-01-14  10:15:13Z

Description: This affects the package @scullyio/scully before 1.0.9. The transfer state is serialised with the JSON.stringify() function and then written into the HTML page.

Source: NVD.NIST.GOV