Find real vulnerabilities before they ship
Vulnerability Database › npm › CVE-2020-7747
This affects all versions of package lightning-server. It is possible to inject malicious JavaScript code as part of a session controller.