GHSA-q82r-57vj-xrfh: Reflected Cross-Site Scripting (rXSS) in krpano before version 1.23.2 allows a remote...

• Source: GitHub Global Advisories

Reflected Cross-Site Scripting (rXSS) vulnerability in krpano before version 1.23.2 allows remote attackers to execute arbitrary JavaScript via crafted URLs.

Reflected Cross-Site Scripting (rXSS) in krpano before version 1.23.2 allows a remote unauthenticated attacker to execute arbitrary JavaScript in the victim's browser via a crafted URL to the passQueryParameters function with the xml parameter enabled.