4 matches found
CVE-2020-7690
All affected versions 2.0.0 of package jspdf are vulnerable to Cross-site Scripting XSS. It is possible to inject JavaScript code via the html method...
Cross-site scripting in jspdf
Overview In jspdf before version 2.0.0 it is possible to inject JavaScript code via the html method. Recommendation Upgrade to version 2.0.0 or later References - CVE - GitHub Advisory...
CVE-2020-7690
CVE-2020-7690 affects jspdf versions before 2.0.0, where the html() method can be used to inject JavaScript via XSS. Affected software is jspdf prior to 2.0.0; the vulnerability enables executing injected scripts in user-controlled contexts. The Red Hat, GitHub Advisory, npm Advisory, and CVE rec...
CVE-2020-7690
All affected versions 2.0.0 of package jspdf are vulnerable to Cross-site Scripting XSS. It is possible to inject JavaScript code via the html method...