graphql-playground-html is vulnerable to cross-site scripting (XSS). The vulnerability exists through the improper handling of user input in renderPlaygroundPage()
.
CPE | Name | Operator | Version |
---|---|---|---|
@apollographql/graphql-playground-html | le | 1.6.19 | |
graphql-playground-html | le | 1.6.19 | |
graphql-playground-html | le | 1.6.19 |