org.webjars.npm:xmlhttprequest@1.4.2 vulnerabilities
-
latest version
1.4.2
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
5 years ago
-
licenses detected
- [1.3.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.webjars.npm:xmlhttprequest package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.webjars.npm:xmlhttprequest is a wrapper for the built-in http client to emulate the browser XMLHttpRequest object. Affected versions of this package are vulnerable to Arbitrary Code Injection. Provided requests are sent synchronously ( POC
How to fix Arbitrary Code Injection? Upgrade |
[,1.8.0)
|