In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Insecure Configuration vulnerabilities in an interactive lesson.
Start learningUpgrade vega-embed
to version 6.7.0 or higher.
vega-embed is a publish Vega visualizations as embedded web components.
Affected versions of this package are vulnerable to Insecure Configuration. Useage of "*"
as part of postMessage communications would potentially allow malicious code to intercept a user's data.