stimulsoft-dashboards-js@2022.1.6 vulnerabilities

Stimulsoft Dashboards.JS is a dashboards tool for Node.js

latest version

2024.2.5
latest non vulnerable version

2024.2.5
first published

5 years ago
latest version published

10 days ago
licenses detected
- Unknown
  >=0
View stimulsoft-dashboards-js package health on Snyk Advisor Open this link in a new tab

Known vulnerabilities in the stimulsoft-dashboards-js package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Cross-site Scripting (XSS) stimulsoft-dashboards-js is a Stimulsoft Dashboards.JS is a dashboards tool for Node.js Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the `ReportName` field. An attacker can execute arbitrary code by injecting a crafted payload. How to fix Cross-site Scripting (XSS)? Upgrade `stimulsoft-dashboards-js` to version 2024.1.3 or higher.	<2024.1.3
H Path Traversal stimulsoft-dashboards-js is a Stimulsoft Dashboards.JS is a dashboards tool for Node.js Affected versions of this package are vulnerable to Path Traversal via the `Save` function. An attacker can execute arbitrary code by sending a crafted payload to the `fileName` parameter. How to fix Path Traversal? Upgrade `stimulsoft-dashboards-js` to version 2024.1.3 or higher.	<2024.1.3
M Cross-site Scripting stimulsoft-dashboards-js is a Stimulsoft Dashboards.JS is a dashboards tool for Node.js Affected versions of this package are vulnerable to Cross-site Scripting via the `search bar` component. An attacker can execute arbitrary code by injecting a crafted payload. How to fix Cross-site Scripting? Upgrade `stimulsoft-dashboards-js` to version 2024.1.3 or higher.	<2024.1.3