Improper Verification of Source of a Communication Channel
Overview Affected versions of this package are vulnerable to Improper Verification of Source of a Communication Channel via improper validation of cross-origin messages in the window message listeners. An attacker can hijack authenticated editing sessions by sending crafted postMessage events fro...