@activitypods/react (>=2.0.0-alpha.13 <=2.2.0), @amplicode/addon-camunda (>=0.0.1-snapshot.1 <=0.0.1-snapshot.9) +58 more potentially affected by CVE-2023-25572 via ra-ui-materialui (>=4.12.0 <=4.16.20)

ra-ui-materialui NPM version =4.12.0, =2.0.0-alpha.13, =0.0.1-snapshot.1, =0.0.1-snapshot.1, =0.0.1, =3.0.0, =1.0.10, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =0.0.4, =0.1.33, =4.0.0, =1.1.0, =1.0.0, =1.6.7 and more Source cves: CVE-2023-25572 Source advisory: OSV:GHSA-5JCR-82FH-339V...

Cross site scripting

react-admin is a frontend framework for building browser applications on top of REST/GraphQL APIs. react-admin prior to versions 3.19.12 and 4.7.6, along with ra-ui-materialui prior to 3.19.12 and 4.7.6, are vulnerable to cross-site scripting. All React applications built with react-admin and usi...