6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
68.9%
It’s possible to use nested script tags in order to bypass the filtering regex.
github.com/advisories/GHSA-3q6f-8grx-pr4v
github.com/MrRio/jsPDF/commit/d0323215b1a1cd1c35bf2b213274ae1e4797715d
github.com/MrRio/jsPDF/issues/2971
nvd.nist.gov/vuln/detail/CVE-2020-7691
snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-575255
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-575253
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBMRRIO-575254
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-575252
snyk.io/vuln/SNYK-JS-JSPDF-568273
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
68.9%