63 matches found
Cross-Site Scripting (XSS)
prismJS is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary javascript via the url function of Previewers plugin...
CVE-2020-15138
A flaw was found in nodejs-prismjs. The easing preview of the Previewers plugin has an XSS vulnerability that allows attackers to execute arbitrary code...
@blackbaud/skyux-lib-code-block (>=2.0.0-rc.2 <=4.0.0), @branchbob/aton (=0.1.5) +52 more potentially affected by CVE-2020-15138 via prismjs (=1.20.0)
prismjs NPM version =1.20.0 is affected by a known vulnerability. The following packages have a transitive dependency on prismjs and may be impacted: - @blackbaud/skyux-lib-code-block =2.0.0-rc.2, =0.1.0, =0.3.0, =0.1.0, =2.5.1-canary.2, =0.0.0-canary-0d962cfee89535eb8a5e91631f82f4b97dd6d1e6,...