Cross-site Scripting (XSS)

Overview @cosmos.gl/graph is a GPU-based force graph layout and rendering Affected versions of this package are vulnerable to Cross-site Scripting XSS due to writing a user-controllable HTML string directly to the DOM without sanitization. An attacker can execute arbitrary JavaScript code in a...