0.002 Low
EPSS
Percentile
52.6%
vis-timeline is vulnerable to cross-site scripting. An attacker is able to inject malicious code into the innerHTML property element.
innerHTML
github.com/visjs/vis-timeline/issues/838
github.com/visjs/vis-timeline/pull/840