CVE-2020-7690

EPSS 1.0%CWE-79

All affected versions <2.0.0 of package jspdf are vulnerable to Cross-site Scripting (XSS). It is possible to inject JavaScript code via the html method.

Affected products

n/a · jspdf

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/MrRio/jsPDF/issues/2795 https://snyk.io/vuln/SNYK-JS-JSPDF-575256