The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsThis vulnerability only affects v0.5.x and v0.4.x. Versions in the 0.3.x family are unaffected.
Upgrade react to version 0.5.2\0.4.2 or higher.
react is React is a JavaScript library for building user interfaces..
Affected versions of the package contain Cross-site Scripting (XSS) vulnerability due to unescaped text before inserted into the DOM.
A Cross-site Scripting (XSS) vulnerability can arise when using user data as a key. Typically "safe" data is used for a key, for example, an id from your database, or a unique hash. However there are cases where it may be reasonable to use user generated content. A carefully crafted piece of content could result in arbitrary code execution.
<>