NASA NODIS Cross Site Scripting

Posted on 21 October 2019

The NASA Online Directives Information System suffers from a cross site scripting vulnerability that can be leveraged via the User-Agent header. The researcher has notified NASA and has not received a response.