npm package
@novnc/novnc
pkg:npm/%40novnc/novnc
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-18635 | — | < 0.6.2 | 0.6.2 | Sep 25, 2019 | An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name. |
- CVE-2017-18635Sep 25, 2019affected < 0.6.2fixed 0.6.2
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.