fomantic-ui@2.6.2 vulnerabilities
Fomantic empowers designers and developers by creating a shared vocabulary for UI.
-
latest version
2.9.3
-
latest non vulnerable version
-
first published
6 years ago
-
latest version published
a year ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the fomantic-ui package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
fomantic-ui is a community fork of the popular Semantic-UI framework. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Lack of output encoding on the selection dropdown user additions and search response values can lead to user input being executed as JavaScript instead of plaintext. This is due to the The remediation to this vulnerability has applied to fomantic-u, a community fork of the popular Semantic-UI framework. How to fix Cross-site Scripting (XSS)? Upgrade |
<2.7.0
|