CVE-2018-11647

CVE-2018-11647

index.js in oauth2orize-fprm before 0.2.1 has XSS via a crafted URL.

Source: CVE-2018-11647