Description
managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS.
Recommendation
Update the epubjs package to the latest compatible version. Followings are version details:
- Affected version(s): < 0.3.89
- Patched version(s): 0.3.89
References
Related Issues
- Options structure open to Cross-site Scripting if passed unfiltered - CVE-2021-29489
- Cross-site scripting in react-bootstrap-table - CVE-2021-23398
- Cross-site Scripting in curly-bracket-parser - CVE-2021-23416
- Cross-site Scripting in file-upload-with-preview - CVE-2021-23439
- Tags:
- npm
- epubjs
Anything's wrong? Let us know Last updated on September 21, 2023