2 matches found
CVE-2021-32860
iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting XSS when handling untrusted modal titles. An attacker who is able to influence the field title when creating a iziModal instance is able to supply arbitrary html or javascript code that will be...
azureml_widgets (>=1.0.0 <=1.0.6) potentially affected by CVE-2021-32860 via izimodal (=1.5.1)
izimodal NPM version =1.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on izimodal and may be impacted: - azuremlwidgets =1.0.0, =1.0.6 Source cves: CVE-2021-32860 Source advisory: OSV:GHSA-H685-83W4-3PH3...