Filtered by vendor Parall
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-7690 | 1 Parall | 1 Jspdf | 2023-02-02 | 6.1 Medium |
All affected versions <2.0.0 of package jspdf are vulnerable to Cross-site Scripting (XSS). It is possible to inject JavaScript code via the html method. | ||||
CVE-2021-23353 | 1 Parall | 1 Jspdf | 2021-03-18 | 7.5 High |
This affects the package jspdf before 2.3.1. ReDoS is possible via the addImage function. | ||||
CVE-2020-7691 | 1 Parall | 1 Jspdf | 2020-07-10 | 6.1 Medium |
In all versions of the package jspdf, it is possible to use <<script>script> in order to go over the filtering regex. |
Page 1 of 1.