vis-timeline@6.4.2 vulnerabilities
Create a fully customizable, interactive timeline with items and ranges.
-
latest version
7.7.3
-
latest non vulnerable version
-
first published
5 years ago
-
latest version published
a year ago
-
licenses detected
- (Apache-2.0 OR MIT)>=0
Direct Vulnerabilities
Known vulnerabilities in the vis-timeline package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
vis-timeline is a Timeline/Graph2D is an interactive visualization chart to visualize data in time Affected versions of this package are vulnerable to Cross-site Scripting (XSS). An attacker with the ability to control the items of a Timeline element can inject additional script code into the generated application. PoC
How to fix Cross-site Scripting (XSS)? Upgrade |
<7.4.4
|