devextreme@21.1.4 vulnerabilities

HTML5 JavaScript Component Suite for Responsive Web Development

Direct Vulnerabilities

Known vulnerabilities in the devextreme package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Cross-site Scripting (XSS)

devextreme is a HTML5 JavaScript Component Suite for Responsive Web Development

Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It is possible to insert HTML within multiple areas of the UI resulting in client side XSS.

How to fix Cross-site Scripting (XSS)?

Upgrade devextreme to version 21.1.5 or higher.

<21.1.5