Potential for cross-site scripting in PostHog-js

Description

Potential for cross-site scripting in posthog-js.

Recommendation

Update the posthog-js package to the latest compatible version. Followings are version details:

• Affected version(s): < 1.57.2
• Patched version(s): 1.57.2

References

• GHSA-8775-5hwv-wr6v
• CVE-2023-32325
• CWE-79
• CAPEC-310
• OWASP 2021-A3
• OWASP 2021-A6

Related Issues

• layui vulnerable to cross-site scripting - CVE-2023-3691
• Cross-site Scripting in cesium - CVE-2023-48094
• @excalidraw/excalidraw Cross-site Scripting vulnerability - CVE-2023-26140
• Layui cross-site scripting (XSS) vulnerability - CVE-2023-50550

You might also like:

How to Secure your NodeJs Express Javascript Application - part 1

How to Secure your NodeJs Express Javascript Application - part 2

10 Secure Coding Best Practices to Follow in Every Project

Tags:

npm

posthog-js