All affected versions <2.0.0 of package jspdf are vulnerable to Cross-site Scripting (XSS). It is possible to inject JavaScript code via the html method.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2020-07-06T12:25:21
Updated: 2024-08-04T09:41:01.475Z
Reserved: 2020-01-21T00:00:00
Link: CVE-2020-7690
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-07-06T13:15:10.610
Modified: 2023-02-02T19:51:43.687
Link: CVE-2020-7690
Redhat
No data.