High severityGHSA Advisory· Published Sep 1, 2020· Updated Aug 3, 2022
fuelux vulnerable to Cross-Site Scripting in Pillbox feature
CVE-2016-1000235
Description
Affected versions of fuelux contain a cross-site scripting vulnerability in the Pillbox feature. By supplying a script as a value for a new pillbox, it is possible to cause arbitrary script execution.
Recommendation
Update to version 3.15.7 or later.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
fueluxnpm | < 3.15.7 | 3.15.7 |
Affected products
2- Range: < 3.15.7
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.