AI Score
Confidence
High
EPSS
Percentile
49.9%
This affects the package vis-timeline before 7.4.4. An attacker with the ability to control the items of a Timeline element can inject additional script code into the generated application.
github.com/visjs/vis-timeline/issues/838
github.com/visjs/vis-timeline/pull/840
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBVISJS-1063502
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1063501
snyk.io/vuln/SNYK-JS-VISTIMELINE-1063500