bracket-template@1.1.5 vulnerabilities

Javascript templates

latest version

1.1.5
first published

7 years ago
latest version published

7 years ago
licenses detected
- MIT
  >=0
View bracket-template package health on Snyk Advisor Open this link in a new tab

Known vulnerabilities in the bracket-template package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Cross-site Scripting (XSS) bracket-template is a Bracket-Template support for JSTransformers. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It allows to inject arbitrary JavaScript tag and malicious code to execute when variables read from GET are used directly in template without sanitization.	*
H Cross-site Scripting (XSS) bracket-template is a Bracket-Template support for JSTransformers. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). It allows to inject arbitrary JavaScript tag and malicious code to execute when variables read from GET are used directly in template without sanitization.	*