A DOM based cross-site scripting (XSS) vulnerability in the component generator.html of tabatkins/railroad-diagrams before commit ea9a123 allows attackers to execute arbitrary Javascript via sending a crafted URL.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| tabatkins | railroad-diagram_generator | * |