CVE-2020-7690

EPSS 1.0%CWE-79

All affected versions <2.0.0 of package jspdf are vulnerable to Cross-site Scripting (XSS). It is possible to inject JavaScript code via the html method.

Produtos afetados

n/a · jspdf

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/MrRio/jsPDF/issues/2795 https://snyk.io/vuln/SNYK-JS-JSPDF-575256