2025-09-09 20:16:26
GitHub_M
PUBLISHED
wabac.js provides a full web archive replay system, or wayback machine, using Service Workers. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the 404 error handling logic of wabac.js v2.23.10 and below. The parameter `requestURL` (derived from the original request target) is directly embedded into an inline `