bracket-template@1.0.3 vulnerabilities

Javascript templates

Direct Vulnerabilities

Known vulnerabilities in the bracket-template package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Cross-site Scripting (XSS)

bracket-template is a Bracket-Template support for JSTransformers.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It allows to inject arbitrary JavaScript tag and malicious code to execute when variables read from GET are used directly in template without sanitization.

*