Description
managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS.
Recommendation
Update the epubjs package to the latest compatible version. Followings are version details:
- Affected version(s): < 0.3.89
- Patched version(s): 0.3.89
References
Related Issues
- Joplin Cross Site Scripting Vulnerability via NOSCRIPT tags - CVE-2021-33295
- Cross-site Scripting in Mermaid - CVE-2021-35513
- Cross-site Scripting in quill - CVE-2021-3163
- vditor Vulnerable to Cross-site Scripting in SVG events - CVE-2021-4103
You might also like:
- Tags:
- npm
- epubjs
Anything's wrong? Let us know Last updated on September 21, 2023


