2 matches found
@0xgg/echomd (>=1.0.0 <=1.0.4), @budibase/client (>=3.8.2 <=3.24.3) +117 more potentially affected by CVE-2020-7691 via jspdf (>=1.0.272 <=1.5.2)
jspdf NPM version =1.0.272, =1.0.0, =3.8.2, =0.0.3, =1.0.0, =2.6.4, =1.54.0, =0.2.1, =1.1.4, =0.0.0-dev.0ebca38, =1.0.0, =0.0.98, =1.15.0-alpha.1, =1.18.11 and more Source cves: CVE-2020-7691 Source advisory: OSV:GHSA-3Q6F-8GRX-PR4V...
CVE-2020-7691 Cross-site Scripting (XSS)
In all versions of the package jspdf, it is possible to use script in order to go over the filtering regex...