Vulnerability	Vulnerable Version
L Improper Neutralization node-red-dashboard is a provides a set of nodes in Node-RED to quickly create a live data dashboard. Affected versions of this package are vulnerable to Improper Neutralization due to improper user-input sanitization in `ui-component-ctrl.js` file, via `ui_text` format input. How to fix Improper Neutralization? Upgrade `node-red-dashboard` to version 3.2.0 or higher.	<3.2.0
M Directory Traversal node-red-dashboard is a provides a set of nodes in Node-RED to quickly create a live data dashboard. Affected versions of this package are vulnerable to Directory Traversal. Allows `ui_base/js/..%2f` directory traversal to read files. How to fix Directory Traversal? Upgrade `node-red-dashboard` to version 2.26.2 or higher.	<2.26.2
M Cross-site Scripting (XSS) node-red-dashboard is a provides a set of nodes in Node-RED to quickly create a live data dashboard. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). How to fix Cross-site Scripting (XSS)? Upgrade `node-red-dashboard` to version 2.17.0 or higher.	<2.17.0
M Cross-site Scripting (XSS) node-red-dashboard provides a set of nodes in Node-RED to quickly create a live data dashboard. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to inappropriate filtering of input variables. How to fix Cross-site Scripting (XSS)? Upgrade `node-red-dashboard` to version 2.14.0 or higher.	<2.14.0

Go back to all versions of this package