@attraqt/activity (>=0.0.1 <=1.3.0-alpha.3), @attraqt/xo-js (=0.0.1) +2 more potentially affected by CVE-2020-28464 via djv (=2.1.3-alpha.0)

djv NPM version =2.1.3-alpha.0 is affected by a known vulnerability. The following packages have a transitive dependency on djv and may be impacted: - @attraqt/activity =0.0.1, =1.1.8, =1.0.3, =1.1.6 Source cves: CVE-2020-28464 Source advisory: SNYK:JS-DJV-1014545...

tableau.attraqt.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1149658 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...