0.002 Low
EPSS
Percentile
52.6%
This affects the package vis-timeline before 7.4.4. An attacker with the ability to control the items of a Timeline element can inject additional script code into the generated application.
github.com/visjs/vis-timeline/issues/838
github.com/visjs/vis-timeline/pull/840
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBVISJS-1063502
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1063501
snyk.io/vuln/SNYK-JS-VISTIMELINE-1063500