file-upload-with-preview@4.0.8 vulnerabilities
Simple file-upload utility that shows a preview of the uploaded image. Written in TypeScript. No dependencies. Works well with or without a framework.
-
latest version
6.1.2
-
latest non vulnerable version
-
first published
7 years ago
-
latest version published
2 months ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the file-upload-with-preview package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
file-upload-with-preview is an A simple file-upload utility that shows a preview of the uploaded image. Written in pure JavaScript. No dependencies. Works well with Bootstrap 4 or without a framework. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). A file containing malicious JavaScript code in the name can be uploaded (a user needs to be tricked into uploading such a file). How to fix Cross-site Scripting (XSS)? Upgrade |
<4.2.0
|