MEDIUM 6.1
GHSA-vh59-v9r5-4mh4
Cross-site scripting in jspdf
Details
Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It's possible to inject JavaScript code via the `html` method.
Are you affected?
Enter the version of the package you're using.
Affected packages
References
- https://nvd.nist.gov/vuln/detail/CVE-2020-7690 [ADVISORY]
- https://github.com/MrRio/jsPDF/issues/2795 [WEB]
- https://github.com/parallax/jsPDF/issues/2862 [WEB]
- https://github.com/parallax/jsPDF/issues/2971 [WEB]
- https://github.com/parallax/jsPDF/pull/2806 [WEB]
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-575260 [WEB]
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-575258 [WEB]
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBMRRIO-575259 [WEB]
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-575257 [WEB]
- https://snyk.io/vuln/SNYK-JS-JSPDF-575256 [WEB]