1.1.5
8 years ago
7 years ago
Known vulnerabilities in the bracket-template package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
bracket-template is a Bracket-Template support for JSTransformers. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It allows to inject arbitrary JavaScript tag and malicious code to execute when variables read from GET are used directly in template without sanitization. | * |