Fix JavaScript vulnerabilities in your project with Snyk (or try the free & open source CLI)
Test and protect my website
JavaScript Libraries with vulnerabilities
✓ Great job! No known versions of vulnerable JavaScript libraries were detected in this website.
Monitor my web application's project dependencies
Security headers
HTTP security headers enable better browser security policies.
Successfully detected the following security headers:
Recently-discovered vulnerabilities on the Snyk database:
| Date disclosed | Vulnerable library | Vulnerable version detected | Vulnerability |
|---|---|---|---|
| 2020/06/11 |
|
<1.8.0 | Cross-site Scripting (XSS) |
| 2020/06/07 |
|
<1.8.0 | Cross-site Scripting (XSS) |
| 2020/05/19 |
|
<1.9.0 | Cross-site Scripting (XSS) |
| 2020/05/11 |
|
<0.8.18 | Cross-site Scripting (XSS) |
| 2020/04/29 |
|
>=1.2.0 <3.5.0 | Cross-site Scripting (XSS) |
| 2020/04/28 |
|
<4.17.16 | Prototype Pollution |
| 2020/04/13 |
|
>=1.0.3 <3.5.0 | Cross-site Scripting (XSS) |
| 2019/07/02 |
|
<4.17.12 | Prototype Pollution |
| 2019/02/15 |
|
<3.4.1,>=4.0.0 <4.3.1 | Cross-site Scripting (XSS) |
New vulnerabilities are continuously found for jQuery, lodash, Angular and other libraries.
Monitor these libraries to protect your web application.
Stay up to date on CVEs by connecting your project to Snyk to receive automated notifications & fixes.
❌
The following security headers are missing from the website:
medium severity
X Frame Options
Clickjacking protection: deny - no rendering within a frame, sameorigin - no rendering if origin mismatch, allow-from - allow from specified location, allowall - non-standard, allow from any location
high severity
Content Security Policy
A computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context