3 matches found
GHSA-VPJ4-89Q8-RH38 Cross-Site Scripting in bpmn-js-properties-panel
Versions of bpmn-js-properties-panel prior to 0.31.0 are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize input in specially configured diagrams, which may allow attackers to inject arbitrary JavaScript in the embedding website. Recommendation Upgrade to version 0.31.0 or lat...
Cross-Site Scripting in bpmn-js-properties-panel
Versions of bpmn-js-properties-panel prior to 0.31.0 are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize input in specially configured diagrams, which may allow attackers to inject arbitrary JavaScript in the embedding website. Recommendation Upgrade to version 0.31.0 or lat...
Cross-Site Scripting
Overview Versions of bpmn-js-properties-panel prior to 0.31.0 are vulnerable to Cross-Site Scripting XSS. The package fails to sanitize input in specially configured diagrams, which may allow attackers to inject arbitrary JavaScript in the embedding website. Recommendation Upgrade to version 0.31...