index.js in oauth2orize-fprm before 0.2.1 has XSS via a crafted URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected