@progress/kendo-angular-editor@1.0.2-dev.202002051901 vulnerabilities
Kendo UI Editor for Angular
-
latest version
16.4.0
-
latest non vulnerable version
-
first published
6 years ago
-
latest version published
6 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the @progress/kendo-angular-editor package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
@progress/kendo-angular-editor is an UI library for Angular Editor including a set of ready-to-use features covering toolbar tools, forms and accessibility support. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). When the Editor content contains potentially malicious scripts in element event handlers, they get executed. Adding the following content to the Editor value demonstrates the issue: How to fix Cross-site Scripting (XSS)? Upgrade |
<1.2.3
|