VYPR

hledger

by Hledger

CVEs (1)

  • CVE-2021-46888MedMay 21, 2023
    risk 0.00cvss 5.4epss 0.01

    An issue was discovered in hledger before 1.23. A Stored Cross-Site Scripting (XSS) vulnerability exists in toBloodhoundJson that allows an attacker to execute JavaScript by encoding user-controlled values in a payload with base64 and parsing them with the atob function.