2.44.1
9 years ago
2 months ago
Known vulnerabilities in the jquery.terminal package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
jquery.terminal is a plugin for creating command line interpreters in your applications. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The code for XSS payload is always visible, but an attacker can use other techniques to hide the code the victim sees. If the application uses the WorkaroundThe user can use formatting that wrap whole user input and it's no op. This workaround will only work when user of the library is not using different formatters (e.g. to highlight code in different way).
How to fix Cross-site Scripting (XSS)? Upgrade | <2.31.1 |
jquery.terminal is a plugin for creating command line interpreters in your applications. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The application may execute arbitrary JavaScript through crafted malicious payloads due to insufficient sanitization. This may be caused if the options anyLinks or invokeMethods are set to true. How to fix Cross-site Scripting (XSS)? Upgrade | <1.21.0 |