4.102.1
6 years ago
4 days ago
Known vulnerabilities in the ids-enterprise package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
ids-enterprise is a framework-independent UI library consisting of CSS and JS that provides product development teams, partners, and customers the tools to create user experiences that are approachable, focused, relevant, perceptive. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). Script tags inside dropdown options are executed when removing search text using backspace, resulting in execution of JavaScript. How to fix Cross-site Scripting (XSS)? Upgrade | <4.23.0-dev.20191105 |
ids-enterprise is a framework-independent UI library consisting of CSS and JS that provides product development teams, partners, and customers the tools to create user experiences that are approachable, focused, relevant, perceptive. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The title and title example value of a modal was found to be unescaped, allowing insertion of JavaScript which is not sanitized. How to fix Cross-site Scripting (XSS)? Upgrade | <4.22.0-beta.0 |
ids-enterprise is a framework-independent UI library consisting of CSS and JS that provides product development teams, partners, and customers the tools to create user experiences that are approachable, focused, relevant, perceptive. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The How to fix Cross-site Scripting (XSS)? Upgrade | <4.18.2 |
ids-enterprise is a framework-independent UI library consisting of CSS and JS that provides product development teams, partners, and customers the tools to create user experiences that are approachable, focused, relevant, perceptive. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The How to fix Cross-site Scripting (XSS)? Upgrade | <4.18.2 |
ids-enterprise is a framework-independent UI library consisting of CSS and JS that provides product development teams, partners, and customers the tools to create user experiences that are approachable, focused, relevant, perceptive. Affected versions of this package are vulnerable to Cross-site Scripting (XSS).
JavaScript inserted within How to fix Cross-site Scripting (XSS)? Upgrade | <4.18.2 |
ids-enterprise is a framework-independent UI library consisting of CSS and JS that provides product development teams, partners, and customers the tools to create user experiences that are approachable, focused, relevant, perceptive. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the "add tab" api, because it treats the name as html. How to fix Cross-site Scripting (XSS)? Upgrade | <4.15.0 |