Description
The jquery.json-viewer library before version 1.5.0 for Node.js does not properly escape characters such as < in a JSON object, as demonstrated by a SCRIPT element.
Recommendation
Update the jquery.json-viewer package to the latest compatible version. Followings are version details:
- Affected version(s): < 1.5.0
- Patched version(s): 1.5.0
References
Related Issues
- static-server Path Traversal vulnerability - CVE-2023-26152
- chromedriver Downloads Resources over HTTP - CVE-2016-10579
- Denial of service in http-proxy-middleware - CVE-2024-21536
- parse is vulnerable to prototype pollution - CVE-2025-57324
- Tags:
- npm
- jquery.json-viewer
Anything's wrong? Let us know Last updated on February 01, 2023