posthog-js@1.39.2 vulnerabilities
Posthog-js allows you to automatically capture usage and send events to PostHog.
-
latest version
1.136.2
-
latest non vulnerable version
-
first published
4 years ago
-
latest version published
3 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the posthog-js package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
posthog-js is a Posthog-js allows you to automatically capture usage and send events to PostHog. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the JS and API URLs. This allows a low-privileged user to execute scripts. How to fix Cross-site Scripting (XSS)? Upgrade |
<1.57.2
|