Vulnerabilities/

Raneto vulnerable to Cross-site Scripting

Severity:: Medium

Description

Renato v0.17.0 was discovered to contain a cross-site scripting (XSS) vulnerability. This issue is fixed in version 0.17.1.

Recommendation

Update the raneto package to the latest compatible version. Followings are version details:

Affected version(s): <= 0.17.0
Patched version(s): 0.17.1

References

Related Issues

Jodit Editor vulnerable to Cross-site Scripting (GHSA-42hx-vrxx-5r6v) - CVE-2022-23461
materialize-css vulnerable to cross-site Scripting (XSS) due to improper escape of user input - CVE-2022-25349
Toast UI Grid vulnerable to Cross-site Scripting - CVE-2022-23458
@dependencytrack/frontend vulnerable to Persistent Cross-Site-Scripting via Vulnerability Details - CVE-2022-39350

Tags:: npm; raneto

Anything's wrong? Let us know Last updated on September 11, 2023