Page 2 of 6 results (0.001 seconds)
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 1
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39183 – Unsafe inline XSS Owncast
https://notcve.org/view.php?id=CVE-2021-39183
Owncast is an open source, self-hosted live video streaming and chat server. In affected versions inline scripts are executed when Javascript is parsed via a paste action. This issue is patched in 0.0.9 by blocking unsafe-inline Content Security Policy and specifying the script-src. The worker-src is required to be set to blob for the video player. Owncast es un servidor de chat y transmisión de vídeo en directo de código abierto y autoalojado. • https://github.com/owncast/owncast/security/advisories/GHSA-2hfj-cxw7-g45p • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •