stimulsoft-dashboards-js@2022.2.3 vulnerabilities

Stimulsoft Dashboards.JS is a dashboards tool for Node.js

Direct Vulnerabilities

Known vulnerabilities in the stimulsoft-dashboards-js package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Cross-site Scripting (XSS)

stimulsoft-dashboards-js is a Stimulsoft Dashboards.JS is a dashboards tool for Node.js

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the ReportName field. An attacker can execute arbitrary code by injecting a crafted payload.

How to fix Cross-site Scripting (XSS)?

Upgrade stimulsoft-dashboards-js to version 2024.1.3 or higher.

<2024.1.3
  • H
Path Traversal

stimulsoft-dashboards-js is a Stimulsoft Dashboards.JS is a dashboards tool for Node.js

Affected versions of this package are vulnerable to Path Traversal via the Save function. An attacker can execute arbitrary code by sending a crafted payload to the fileName parameter.

How to fix Path Traversal?

Upgrade stimulsoft-dashboards-js to version 2024.1.3 or higher.

<2024.1.3
  • M
Cross-site Scripting

stimulsoft-dashboards-js is a Stimulsoft Dashboards.JS is a dashboards tool for Node.js

Affected versions of this package are vulnerable to Cross-site Scripting via the search bar component. An attacker can execute arbitrary code by injecting a crafted payload.

How to fix Cross-site Scripting?

Upgrade stimulsoft-dashboards-js to version 2024.1.3 or higher.

<2024.1.3