MidnightBSD

Advisories for tabatkins

CVE-2024-26467

A DOM based cross-site scripting (XSS) vulnerability in the component generator.html of tabatkins/railroad-diagrams before commit ea9a123 allows attackers to execute arbitrary Javascript via sending a crafted URL.

Products Affected

Vendor Product Version
tabatkins railroad-diagram_generator *