VYPR
Medium severity6.1NVD Advisory· Published Jun 4, 2018· Updated Jun 17, 2026

CVE-2017-16015

CVE-2017-16015

Description

Forms is a library for easily creating HTML forms. Versions before 1.3.0 did not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms may be vulnerable to cross site scripting

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
formsnpm
< 1.3.01.3.0

Affected products

2
  • ghsa-coords
    Range: < 1.3.0
  • HackerOne/forms node modulev5
    Range: <1.3.0

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.