Vulnerability	Vulnerable Version
C Cross-site Scripting (XSS) @ionic/core is a the open-source mobile app development framework that makes it easy to build top quality native and progressive web apps with web technologies. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the following components: `<ion-alert>.message, <ion-searchbar>.placeholder, <ion-infinite-scroll-content>.loadingText, <ion-refresher-content>.pullingText, <ion-refresher-content>.refershingText,` This is due to improper sanitising of `innerHTML`. How to fix Cross-site Scripting (XSS)? Upgrade `@ionic/core` to version 4.0.3, 4.1.3, 4.2.1, 4.3.1 or higher.	<4.0.3>=4.1.0 <4.1.3>=4.2.0 <4.2.1>=4.3.0 <4.3.1

Cross-site Scripting (XSS)

@ionic/core is a the open-source mobile app development framework that makes it easy to build top quality native and progressive web apps with web technologies.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the following components:

<ion-alert>.message, 
<ion-searchbar>.placeholder, 
<ion-infinite-scroll-content>.loadingText, 
<ion-refresher-content>.pullingText, 
<ion-refresher-content>.refershingText,

This is due to improper sanitising of innerHTML.

How to fix Cross-site Scripting (XSS)?

Upgrade @ionic/core to version 4.0.3, 4.1.3, 4.2.1, 4.3.1 or higher.

<4.0.3>=4.1.0 <4.1.3>=4.2.0 <4.2.1>=4.3.0 <4.3.1

Go back to all versions of this package