MidnightBSD

Advisories for web-platform-tests

CVE-2024-26466

A DOM based cross-site scripting (XSS) vulnerability in the component /dom/ranges/Range-test-iframe.html of web-platform-tests/wpt before commit 938e843 allows attackers to execute arbitrary Javascript via sending a crafted URL.

Products Affected

Vendor Product Version
web-platform-tests web-platform-tests -