backbone@0.3.3 vulnerabilities

Give your JS App some Backbone with Models, Views, Collections, and Events.

Direct Vulnerabilities

Known vulnerabilities in the backbone package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Cross-site Scripting (XSS)

Potential XSS Exploit With User-Supplied Data in Model#escape

In applications that use the escape function, a specially-crafted payload could execute arbitrary JavaScript in the context of the current domain ("XSS").

This vulnerability has not been assigned CVE identifier.

<0.5.0