org.webjars.npm:vis-timeline@7.3.7 vulnerabilities
-
latest version
7.5.1
-
latest non vulnerable version
-
first published
4 years ago
-
latest version published
2 years ago
-
licenses detected
- (Apache-2.0 OR MIT)[7.3.7,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.webjars.npm:vis-timeline package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.webjars.npm:vis-timeline is a Timeline/Graph2D is an interactive visualization chart to visualize data in time Affected versions of this package are vulnerable to Cross-site Scripting (XSS). An attacker with the ability to control the items of a Timeline element can inject additional script code into the generated application. PoC
How to fix Cross-site Scripting (XSS)? Upgrade |
[0,7.4.4)
|