Description
Json2html is a client side javascript HTML templating library with wrappers for both jQuery and Node.js. A vulnerability was found in moappi Json2html up to 1.1.x and classified as problematic. This issue affects some unknown processing of the file json2html.js. The manipulation leads to cross site scripting. The attack may be initiated remotely.
Recommendation
Update the node-json2html package to the latest compatible version. Followings are version details:
- Affected version(s): < 1.2.0
- Patched version(s): 1.2.0
References
Related Issues
- Cross Site Scripting vulnerability in store2 - CVE-2024-57556
- Bootstrap Cross-site Scripting vulnerability - CVE-2016-10735
- protobufjs Prototype Pollution vulnerability - CVE-2023-36665
- chromedriver Command Injection vulnerability - CVE-2023-26156
- Tags:
- npm
- node-json2html
Anything's wrong? Let us know Last updated on February 03, 2023