Homepage
About Snyk

shave@0.1.2 vulnerabilities

Shave is a javascript plugin that truncates multi-line text within a html element based on set max height

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the shave package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Cross-site Scripting (XSS)

shave is a zero dependency JavaScript plugin that truncates multi-line text to fit within an html element based on a set pixel number max-height.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to the usage of the insertAdjacentHTML method within an element interface which could fetch possible user input from the innerText property under certain conditions.

How to fix Cross-site Scripting (XSS)?

Upgrade shave to version 2.5.3 or higher.

<2.5.3
Go back to all versions of this package