Withdrawn Advisory: Home Assistant Frontend XSS Vulnerability
Moderate severity
GitHub Reviewed
Published
May 17, 2022
to the GitHub Advisory Database
•
Updated Oct 10, 2023
Withdrawn
This advisory was withdrawn on Oct 10, 2023
Description
Published by the National Vulnerability Database
Nov 10, 2017
Published to the GitHub Advisory Database
May 17, 2022
Reviewed
Jul 27, 2023
Withdrawn
Oct 10, 2023
Last updated
Oct 10, 2023
Withdrawn Advisory
This advisory has been withdrawn because we cannot confirm home-assistant-frontend is or was ever published to npm.
Original Description
In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS.
References