High severityNVD Advisory· Published Apr 11, 2022· Updated Aug 2, 2024
Prototype Pollution in alvarotrigo/fullpage.js
CVE-2022-1295
Description
Prototype Pollution in GitHub repository alvarotrigo/fullpage.js prior to 4.0.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Prototype pollution in fullpage.js before 4.0.2 lets attackers inject arbitrary properties via crafted input, leading to potential RCE or XSS.
## Vulnerability fullpage.js versions prior to 4.0.2 are susceptible to prototype pollution, a JavaScript vulnerability where an attacker can inject arbitrary properties into an object's prototype. The flaw resides in the library's handling of user-supplied options, which are merged without proper sanitization. This allows an attacker to pollute Object.prototype with malicious properties [1][2]. The library is widely used for creating fullscreen scrolling websites and is available for Vue, React, and Angular frameworks [1].
Exploitation
An attacker can exploit this vulnerability by providing a crafted object (e.g., via query parameters, form inputs, or configuration options) that includes __proto__ or constructor.prototype keys. When fullpage.js processes these options, the malicious properties are merged into the global object prototype. No authentication or special network position beyond the ability to supply input to the library is required [2][3].
Impact
Successful prototype pollution can lead to severe consequences, including arbitrary code execution (RCE) via deserialization gadgets, cross-site scripting (XSS), and denial of service. The attacker can overwrite existing properties or inject new ones, potentially affecting all objects in the application and enabling further attacks depending on the environment [2][4].
Mitigation
The vulnerability was fixed in fullpage.js version 4.0.2, released on or before April 11, 2022 [2][3]. All users should upgrade to version 4.0.2 or later. If upgrading is not immediately possible, avoid passing user-controlled data directly into fullpage.js options without sanitization [1][2]. The issue was reported via huntr.dev [2][4].
References
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
fullpage.jsnpm | < 4.0.2 | 4.0.2 |
Affected products
3- Range: <4.0.2
- alvarotrigo/alvarotrigo/fullpage.jsv5Range: unspecified
Patches
1bf62492a22e5Merge pull request #4351 from alvarotrigo/dev
16 files changed · +17 −16
dist/fullpage.css+1 −1 modified@@ -1,5 +1,5 @@ /*! - * fullPage 4.0.1 + * fullPage 4.0.2 * https://github.com/alvarotrigo/fullPage.js * * @license GPLv3 for open source use only
dist/fullpage.extensions.min.js+1 −1 modifieddist/fullpage.js+1 −1 modified@@ -5528,7 +5528,7 @@ }; //public functions - FP.version = '4.0.1'; + FP.version = '4.0.2'; FP.test = Object.assign(FP.test, { top: '0px', translate3d: 'translate3d(0px, 0px, 0px)',
dist/fullpage.min.css+1 −1 modified@@ -1,5 +1,5 @@ /*! - * fullPage 4.0.1 + * fullPage 4.0.2 * https://github.com/alvarotrigo/fullPage.js * * @license GPLv3 for open source use only
dist/fullpage.min.css.map+1 −1 modified@@ -1 +1 @@ -{"version":3,"sources":["fullpage.css"],"names":[],"mappings":"AAAA;;;;;;;;;AAWA,iBADA,gBAEI,OAAQ,EACR,QAAS,EACT,SAAS,OAGT,4BAA6B,cAEjC,YACI,SAAU,SACV,mBAAoB,WACpB,gBAAiB,WACjB,WAAY,WACZ,OAAQ,KACR,QAAS,MAEb,UACI,MAAO,KAEX,UAAW,oBACP,OAAQ,KACR,QAAS,MAEb,WACI,QAAQ,EACR,OAAQ,KACR,SAAU,OACV,SAAU,SACV,mBAAoB,IAAI,IAAK,SAC7B,WAAY,IAAI,IAAK,SAEzB,UACI,QAAS,KACT,eAAgB,OAChB,gBAAiB,OACjB,MAAO,KAOX,oBACI,MAAO,KACP,SAAU,SAEd,iBACI,oBAAqB,KACrB,iBAAkB,KAClB,mBAAoB,KACpB,gBAAiB,KACjB,SAAU,SACV,QAAS,EACT,IAAK,IACL,OAAQ,QACR,WAAY,MACZ,kBAAmB,mBACnB,cAAe,mBACf,UAAW,mBAEf,SACI,KAAM,KAEV,SACI,MAAO,KAEX,UACI,MAAO,EACP,OAAQ,EACR,aAAc,MAElB,kBACI,aAAc,OAAO,KAAK,OAAO,EACjC,aAAc,YAAY,KAAK,YAAY,YAE/C,kBACI,aAAc,OAAO,EAAE,OAAO,KAC9B,aAAc,YAAY,YAAY,YAAY,KAYtD,iBACI,mBAAoB,eACpB,WAAY,eAEhB,QACI,SAAU,MACV,QAAS,IACT,IAAK,IACL,QAAS,EACT,UAAW,iBACX,cAAe,iBACf,kBAAmB,sBAEvB,iBACI,MAAO,KAEX,gBACI,KAAM,KAEV,cACI,SAAU,SACV,QAAS,EACT,QAAS,EACT,kBAAmB,mBACnB,cAAe,mBACf,UAAW,mBACX,KAAM,YACN,MAAO,EACP,OAAQ,EAAE,eAEd,wBACI,OAAQ,KAEZ,qBACI,IAAK,KAET,WACA,iBACE,OAAQ,EACR,QAAS,EAEX,cACA,oBACI,QAAS,MACT,MAAO,KACP,OAAQ,KACR,OAAQ,IACR,SAAS,SAEb,oBACI,QAAS,aAEb,gBACA,sBACI,QAAS,MACT,SAAU,SACV,QAAS,EACT,MAAO,KACP,OAAQ,KACR,OAAQ,QACR,gBAAiB,KAErB,4BAEA,kCADA,kCAEA,wCACI,OAAQ,KACR,MAAO,KACP,OAAQ,KAAK,EAAE,EAAE,KACjB,cAAe,KAEnB,qBACA,2BACI,cAAe,IACf,SAAU,SACV,QAAS,EACT,OAAQ,IACR,MAAO,IACP,OAAQ,EACR,WAAY,KACZ,KAAM,IACN,IAAK,IACL,OAAQ,KAAK,EAAE,EAAE,KACjB,mBAAoB,IAAI,IAAK,YAC7B,gBAAiB,IAAI,IAAK,YAC1B,cAAe,IAAI,IAAK,YACxB,WAAY,IAAI,IAAK,YAEzB,2BACA,iCACI,MAAO,KACP,OAAQ,KACR,OAAQ,KAAK,EAAI,EAAI,KAEzB,0BACI,SAAU,SACV,IAAK,KACL,MAAO,KACP,UAAW,KACX,YAAa,KAAK,CAAE,SAAS,CAAE,WAC/B,YAAa,OACb,UAAW,MACX,SAAU,OACV,QAAS,MACT,QAAS,EACT,MAAO,EACP,OAAQ,QAEZ,gCACA,4CACI,mBAAoB,QAAQ,IAAK,QACjC,WAAY,QAAQ,IAAK,QACzB,MAAO,KACP,QAAS,EAEb,mCACI,MAAO,KAEX,kCACI,KAAM,KAGV,0BADA,2BAEI,OAAQ,eAIZ,2BACA,yBAEG,OAAQ,MACR,OAAQ,0BAIX,aACI,gBAAiB,WAGrB,aACI,WAAY,OACZ,OAAQ,KACR,QAAQ,EAGZ,sBACI,QAAS,MAIb,oDADA,qDAEI,OAAQ,eAIZ,YACI,SAAU,SACV,MAAO,IACP,OAAQ,IACR,QAAS,EACT,SAAU,OACV,KAAM,cACN,YAAa,OACb,OAAQ,EAGZ,UACI,WAAY,eACZ,OAAQ,eAEZ,eACI,OAAQ,eACR,qBAAsB,EAAE,UACpB,iBAAkB,EAAE,UACpB,WAAY,iBACZ,gBAAiB,OAEzB,sBACI,kBAAmB,MAEvB,4BACI,OAAQ,eAIZ,sBACI,gBAAiB,gBACjB,iBAAkB,eAKtB,+CACI,iBAAkB,YAClB,MAAO,IAEX,qDACI,iBAAkB,YAEtB,qDACI,iBAAkB,eAClB,cAAe,KACf,OAAQ,IAAI,MAAM,YAEtB,YACA,cACI,QAAS,QACT,SAAU,SACV,OAAQ,EAEZ,YACA,gBACI,gBAAiB,KACjB,MAAO,KACP,WAAY,qBACZ,QAAS,IAAI,IACb,UAAW,KACX,YAAa,MACb,MAAO,KACP,QAAS,aACT,cAAe,IACf,OAAQ","file":"fullpage.min.css","sourcesContent":["/*!\r\n * fullPage 4.0.1\r\n * https://github.com/alvarotrigo/fullPage.js\r\n *\r\n * @license GPLv3 for open source use only\r\n * or Fullpage Commercial License for commercial use\r\n * http://alvarotrigo.com/fullPage/pricing/\r\n *\r\n * Copyright (C) 2021 http://alvarotrigo.com/fullPage - A project by Alvaro Trigo\r\n */\r\nhtml.fp-enabled,\r\n.fp-enabled body {\r\n margin: 0;\r\n padding: 0;\r\n overflow:hidden;\r\n\r\n /*Avoid flicker on slides transitions for mobile phones #336 */\r\n -webkit-tap-highlight-color: rgba(0,0,0,0);\r\n}\r\n.fp-section {\r\n position: relative;\r\n -webkit-box-sizing: border-box; /* Safari<=5 Android<=3 */\r\n -moz-box-sizing: border-box; /* <=28 */\r\n box-sizing: border-box;\r\n height: 100%;\r\n display: block;\r\n}\r\n.fp-slide {\r\n float: left;\r\n}\r\n.fp-slide, .fp-slidesContainer {\r\n height: 100%;\r\n display: block;\r\n}\r\n.fp-slides {\r\n z-index:1;\r\n height: 100%;\r\n overflow: hidden;\r\n position: relative;\r\n -webkit-transition: all 0.3s ease-out; /* Safari<=6 Android<=4.3 */\r\n transition: all 0.3s ease-out;\r\n}\r\n.fp-table{\r\n display: flex;\r\n flex-direction: column;\r\n justify-content: center;\r\n width: 100%;\r\n}\r\n/* .fp-table::before , \r\n.fp-table::after {\r\n content:'';\r\n flex:1;\r\n} */\r\n.fp-slidesContainer {\r\n float: left;\r\n position: relative;\r\n}\r\n.fp-controlArrow {\r\n -webkit-user-select: none; /* webkit (safari, chrome) browsers */\r\n -moz-user-select: none; /* mozilla browsers */\r\n -khtml-user-select: none; /* webkit (konqueror) browsers */\r\n -ms-user-select: none; /* IE10+ */\r\n position: absolute;\r\n z-index: 4;\r\n top: 50%;\r\n cursor: pointer;\r\n margin-top: -38px;\r\n -webkit-transform: translate3d(0,0,0);\r\n -ms-transform: translate3d(0,0,0);\r\n transform: translate3d(0,0,0);\r\n}\r\n.fp-prev{\r\n left: 15px;\r\n}\r\n.fp-next{\r\n right: 15px;\r\n}\r\n.fp-arrow{\r\n width: 0;\r\n height: 0;\r\n border-style: solid;\r\n}\r\n.fp-arrow.fp-prev {\r\n border-width: 38.5px 34px 38.5px 0;\r\n border-color: transparent #fff transparent transparent;\r\n}\r\n.fp-arrow.fp-next {\r\n border-width: 38.5px 0 38.5px 34px;\r\n border-color: transparent transparent transparent #fff;\r\n}\r\n/* .fp-scrollable {\r\n overflow: hidden;\r\n position: relative;\r\n} */\r\n/* .fp-scroller{\r\n overflow: hidden;\r\n} */\r\n/* .iScrollIndicator{\r\n border: 0 !important;\r\n} */\r\n.fp-notransition {\r\n -webkit-transition: none !important;\r\n transition: none !important;\r\n}\r\n#fp-nav {\r\n position: fixed;\r\n z-index: 100;\r\n top: 50%;\r\n opacity: 1;\r\n transform: translateY(-50%);\r\n -ms-transform: translateY(-50%);\r\n -webkit-transform: translate3d(0,-50%,0);\r\n}\r\n#fp-nav.fp-right {\r\n right: 17px;\r\n}\r\n#fp-nav.fp-left {\r\n left: 17px;\r\n}\r\n.fp-slidesNav{\r\n position: absolute;\r\n z-index: 4;\r\n opacity: 1;\r\n -webkit-transform: translate3d(0,0,0);\r\n -ms-transform: translate3d(0,0,0);\r\n transform: translate3d(0,0,0);\r\n left: 0 !important;\r\n right: 0;\r\n margin: 0 auto !important;\r\n}\r\n.fp-slidesNav.fp-bottom {\r\n bottom: 17px;\r\n}\r\n.fp-slidesNav.fp-top {\r\n top: 17px;\r\n}\r\n#fp-nav ul,\r\n.fp-slidesNav ul {\r\n margin: 0;\r\n padding: 0;\r\n}\r\n#fp-nav ul li,\r\n.fp-slidesNav ul li {\r\n display: block;\r\n width: 14px;\r\n height: 13px;\r\n margin: 7px;\r\n position:relative;\r\n}\r\n.fp-slidesNav ul li {\r\n display: inline-block;\r\n}\r\n#fp-nav ul li a,\r\n.fp-slidesNav ul li a {\r\n display: block;\r\n position: relative;\r\n z-index: 1;\r\n width: 100%;\r\n height: 100%;\r\n cursor: pointer;\r\n text-decoration: none;\r\n}\r\n#fp-nav ul li a.active span,\r\n.fp-slidesNav ul li a.active span,\r\n#fp-nav ul li:hover a.active span,\r\n.fp-slidesNav ul li:hover a.active span{\r\n height: 12px;\r\n width: 12px;\r\n margin: -6px 0 0 -6px;\r\n border-radius: 100%;\r\n }\r\n#fp-nav ul li a span,\r\n.fp-slidesNav ul li a span {\r\n border-radius: 50%;\r\n position: absolute;\r\n z-index: 1;\r\n height: 4px;\r\n width: 4px;\r\n border: 0;\r\n background: #333;\r\n left: 50%;\r\n top: 50%;\r\n margin: -2px 0 0 -2px;\r\n -webkit-transition: all 0.1s ease-in-out;\r\n -moz-transition: all 0.1s ease-in-out;\r\n -o-transition: all 0.1s ease-in-out;\r\n transition: all 0.1s ease-in-out;\r\n}\r\n#fp-nav ul li:hover a span,\r\n.fp-slidesNav ul li:hover a span{\r\n width: 10px;\r\n height: 10px;\r\n margin: -5px 0px 0px -5px;\r\n}\r\n#fp-nav ul li .fp-tooltip {\r\n position: absolute;\r\n top: -2px;\r\n color: #fff;\r\n font-size: 14px;\r\n font-family: arial, helvetica, sans-serif;\r\n white-space: nowrap;\r\n max-width: 220px;\r\n overflow: hidden;\r\n display: block;\r\n opacity: 0;\r\n width: 0;\r\n cursor: pointer;\r\n}\r\n#fp-nav ul li:hover .fp-tooltip,\r\n#fp-nav.fp-show-active a.active + .fp-tooltip {\r\n -webkit-transition: opacity 0.2s ease-in;\r\n transition: opacity 0.2s ease-in;\r\n width: auto;\r\n opacity: 1;\r\n}\r\n#fp-nav ul li .fp-tooltip.fp-right {\r\n right: 20px;\r\n}\r\n#fp-nav ul li .fp-tooltip.fp-left {\r\n left: 20px;\r\n}\r\n.fp-auto-height.fp-section,\r\n.fp-auto-height .fp-slide{\r\n height: auto !important;\r\n}\r\n\r\n/* Used with autoScrolling: false */ \r\n.fp-scrollable .fp-section,\r\n.fp-scrollable .fp-slide{\r\n /* Fallback for browsers that do not support Custom Properties */\r\n height: 100vh;\r\n height: calc(var(--vh, 1vh) * 100);\r\n}\r\n\r\n/* Disabling vertical centering on scrollable elements */\r\n.fp-overflow{\r\n justify-content: flex-start;\r\n}\r\n\r\n.fp-overflow{\r\n overflow-y: scroll;\r\n height: 100%;\r\n outline:none;\r\n}\r\n\r\n.fp-overflow.fp-table{\r\n display: block;\r\n}\r\n\r\n.fp-responsive .fp-auto-height-responsive.fp-section,\r\n.fp-responsive .fp-auto-height-responsive .fp-slide{\r\n height: auto !important;\r\n}\r\n\r\n/*Only display content to screen readers*/\r\n.fp-sr-only{\r\n position: absolute;\r\n width: 1px;\r\n height: 1px;\r\n padding: 0;\r\n overflow: hidden;\r\n clip: rect(0, 0, 0, 0);\r\n white-space: nowrap;\r\n border: 0;\r\n}\r\n\r\n.fp-snaps{\r\n overflow-y: auto !important;\r\n height: 100% !important;\r\n}\r\n.fp-snaps body{\r\n height: 100% !important;\r\n -ms-scroll-snap-type: y mandatory;\r\n scroll-snap-type: y mandatory;\r\n overflow-y: scroll !important;\r\n scroll-behavior: smooth;\r\n}\r\n.fp-snaps .fp-section{\r\n scroll-snap-align: start;\r\n}\r\n.fp-snaps .fullpage-wrapper{\r\n height: auto !important;\r\n}\r\n\r\n/* Used for DragAndMove*/\r\n.fp-disable-snap body{\r\n scroll-behavior: unset !important;\r\n scroll-snap-type: none !important;\r\n}\r\n\r\n/* Customize website's scrollbar like Mac OS\r\nNot supports in Firefox and IE */\r\n.fp-scroll-mac .fp-overflow::-webkit-scrollbar {\r\n background-color: transparent;\r\n width: 9px;\r\n}\r\n.fp-scroll-mac .fp-overflow::-webkit-scrollbar-track {\r\n background-color: transparent;\r\n}\r\n.fp-scroll-mac .fp-overflow::-webkit-scrollbar-thumb {\r\n background-color: rgba(0,0,0,.4);\r\n border-radius: 16px;\r\n border: 4px solid transparent;\r\n}\r\n.fp-warning,\r\n.fp-watermark{\r\n z-index: 9999999;\r\n position: absolute;\r\n bottom: 0;\r\n}\r\n.fp-warning,\r\n.fp-watermark a{\r\n text-decoration: none;\r\n color: #000;\r\n background: rgba(255,255,255,0.6);\r\n padding: 5px 8px;\r\n font-size: 14px;\r\n font-family: arial;\r\n color: black;\r\n display: inline-block;\r\n border-radius: 3px;\r\n margin: 12px;\r\n}"]} \ No newline at end of file +{"version":3,"sources":["fullpage.css"],"names":[],"mappings":"AAAA;;;;;;;;;AAWA,iBADA,gBAEI,OAAQ,EACR,QAAS,EACT,SAAS,OAGT,4BAA6B,cAEjC,YACI,SAAU,SACV,mBAAoB,WACpB,gBAAiB,WACjB,WAAY,WACZ,OAAQ,KACR,QAAS,MAEb,UACI,MAAO,KAEX,UAAW,oBACP,OAAQ,KACR,QAAS,MAEb,WACI,QAAQ,EACR,OAAQ,KACR,SAAU,OACV,SAAU,SACV,mBAAoB,IAAI,IAAK,SAC7B,WAAY,IAAI,IAAK,SAEzB,UACI,QAAS,KACT,eAAgB,OAChB,gBAAiB,OACjB,MAAO,KAOX,oBACI,MAAO,KACP,SAAU,SAEd,iBACI,oBAAqB,KACrB,iBAAkB,KAClB,mBAAoB,KACpB,gBAAiB,KACjB,SAAU,SACV,QAAS,EACT,IAAK,IACL,OAAQ,QACR,WAAY,MACZ,kBAAmB,mBACnB,cAAe,mBACf,UAAW,mBAEf,SACI,KAAM,KAEV,SACI,MAAO,KAEX,UACI,MAAO,EACP,OAAQ,EACR,aAAc,MAElB,kBACI,aAAc,OAAO,KAAK,OAAO,EACjC,aAAc,YAAY,KAAK,YAAY,YAE/C,kBACI,aAAc,OAAO,EAAE,OAAO,KAC9B,aAAc,YAAY,YAAY,YAAY,KAYtD,iBACI,mBAAoB,eACpB,WAAY,eAEhB,QACI,SAAU,MACV,QAAS,IACT,IAAK,IACL,QAAS,EACT,UAAW,iBACX,cAAe,iBACf,kBAAmB,sBAEvB,iBACI,MAAO,KAEX,gBACI,KAAM,KAEV,cACI,SAAU,SACV,QAAS,EACT,QAAS,EACT,kBAAmB,mBACnB,cAAe,mBACf,UAAW,mBACX,KAAM,YACN,MAAO,EACP,OAAQ,EAAE,eAEd,wBACI,OAAQ,KAEZ,qBACI,IAAK,KAET,WACA,iBACE,OAAQ,EACR,QAAS,EAEX,cACA,oBACI,QAAS,MACT,MAAO,KACP,OAAQ,KACR,OAAQ,IACR,SAAS,SAEb,oBACI,QAAS,aAEb,gBACA,sBACI,QAAS,MACT,SAAU,SACV,QAAS,EACT,MAAO,KACP,OAAQ,KACR,OAAQ,QACR,gBAAiB,KAErB,4BAEA,kCADA,kCAEA,wCACI,OAAQ,KACR,MAAO,KACP,OAAQ,KAAK,EAAE,EAAE,KACjB,cAAe,KAEnB,qBACA,2BACI,cAAe,IACf,SAAU,SACV,QAAS,EACT,OAAQ,IACR,MAAO,IACP,OAAQ,EACR,WAAY,KACZ,KAAM,IACN,IAAK,IACL,OAAQ,KAAK,EAAE,EAAE,KACjB,mBAAoB,IAAI,IAAK,YAC7B,gBAAiB,IAAI,IAAK,YAC1B,cAAe,IAAI,IAAK,YACxB,WAAY,IAAI,IAAK,YAEzB,2BACA,iCACI,MAAO,KACP,OAAQ,KACR,OAAQ,KAAK,EAAI,EAAI,KAEzB,0BACI,SAAU,SACV,IAAK,KACL,MAAO,KACP,UAAW,KACX,YAAa,KAAK,CAAE,SAAS,CAAE,WAC/B,YAAa,OACb,UAAW,MACX,SAAU,OACV,QAAS,MACT,QAAS,EACT,MAAO,EACP,OAAQ,QAEZ,gCACA,4CACI,mBAAoB,QAAQ,IAAK,QACjC,WAAY,QAAQ,IAAK,QACzB,MAAO,KACP,QAAS,EAEb,mCACI,MAAO,KAEX,kCACI,KAAM,KAGV,0BADA,2BAEI,OAAQ,eAIZ,2BACA,yBAEG,OAAQ,MACR,OAAQ,0BAIX,aACI,gBAAiB,WAGrB,aACI,WAAY,OACZ,OAAQ,KACR,QAAQ,EAGZ,sBACI,QAAS,MAIb,oDADA,qDAEI,OAAQ,eAIZ,YACI,SAAU,SACV,MAAO,IACP,OAAQ,IACR,QAAS,EACT,SAAU,OACV,KAAM,cACN,YAAa,OACb,OAAQ,EAGZ,UACI,WAAY,eACZ,OAAQ,eAEZ,eACI,OAAQ,eACR,qBAAsB,EAAE,UACpB,iBAAkB,EAAE,UACpB,WAAY,iBACZ,gBAAiB,OAEzB,sBACI,kBAAmB,MAEvB,4BACI,OAAQ,eAIZ,sBACI,gBAAiB,gBACjB,iBAAkB,eAKtB,+CACI,iBAAkB,YAClB,MAAO,IAEX,qDACI,iBAAkB,YAEtB,qDACI,iBAAkB,eAClB,cAAe,KACf,OAAQ,IAAI,MAAM,YAEtB,YACA,cACI,QAAS,QACT,SAAU,SACV,OAAQ,EAEZ,YACA,gBACI,gBAAiB,KACjB,MAAO,KACP,WAAY,qBACZ,QAAS,IAAI,IACb,UAAW,KACX,YAAa,MACb,MAAO,KACP,QAAS,aACT,cAAe,IACf,OAAQ","file":"fullpage.min.css","sourcesContent":["/*!\r\n * fullPage 4.0.2\r\n * https://github.com/alvarotrigo/fullPage.js\r\n *\r\n * @license GPLv3 for open source use only\r\n * or Fullpage Commercial License for commercial use\r\n * http://alvarotrigo.com/fullPage/pricing/\r\n *\r\n * Copyright (C) 2021 http://alvarotrigo.com/fullPage - A project by Alvaro Trigo\r\n */\r\nhtml.fp-enabled,\r\n.fp-enabled body {\r\n margin: 0;\r\n padding: 0;\r\n overflow:hidden;\r\n\r\n /*Avoid flicker on slides transitions for mobile phones #336 */\r\n -webkit-tap-highlight-color: rgba(0,0,0,0);\r\n}\r\n.fp-section {\r\n position: relative;\r\n -webkit-box-sizing: border-box; /* Safari<=5 Android<=3 */\r\n -moz-box-sizing: border-box; /* <=28 */\r\n box-sizing: border-box;\r\n height: 100%;\r\n display: block;\r\n}\r\n.fp-slide {\r\n float: left;\r\n}\r\n.fp-slide, .fp-slidesContainer {\r\n height: 100%;\r\n display: block;\r\n}\r\n.fp-slides {\r\n z-index:1;\r\n height: 100%;\r\n overflow: hidden;\r\n position: relative;\r\n -webkit-transition: all 0.3s ease-out; /* Safari<=6 Android<=4.3 */\r\n transition: all 0.3s ease-out;\r\n}\r\n.fp-table{\r\n display: flex;\r\n flex-direction: column;\r\n justify-content: center;\r\n width: 100%;\r\n}\r\n/* .fp-table::before , \r\n.fp-table::after {\r\n content:'';\r\n flex:1;\r\n} */\r\n.fp-slidesContainer {\r\n float: left;\r\n position: relative;\r\n}\r\n.fp-controlArrow {\r\n -webkit-user-select: none; /* webkit (safari, chrome) browsers */\r\n -moz-user-select: none; /* mozilla browsers */\r\n -khtml-user-select: none; /* webkit (konqueror) browsers */\r\n -ms-user-select: none; /* IE10+ */\r\n position: absolute;\r\n z-index: 4;\r\n top: 50%;\r\n cursor: pointer;\r\n margin-top: -38px;\r\n -webkit-transform: translate3d(0,0,0);\r\n -ms-transform: translate3d(0,0,0);\r\n transform: translate3d(0,0,0);\r\n}\r\n.fp-prev{\r\n left: 15px;\r\n}\r\n.fp-next{\r\n right: 15px;\r\n}\r\n.fp-arrow{\r\n width: 0;\r\n height: 0;\r\n border-style: solid;\r\n}\r\n.fp-arrow.fp-prev {\r\n border-width: 38.5px 34px 38.5px 0;\r\n border-color: transparent #fff transparent transparent;\r\n}\r\n.fp-arrow.fp-next {\r\n border-width: 38.5px 0 38.5px 34px;\r\n border-color: transparent transparent transparent #fff;\r\n}\r\n/* .fp-scrollable {\r\n overflow: hidden;\r\n position: relative;\r\n} */\r\n/* .fp-scroller{\r\n overflow: hidden;\r\n} */\r\n/* .iScrollIndicator{\r\n border: 0 !important;\r\n} */\r\n.fp-notransition {\r\n -webkit-transition: none !important;\r\n transition: none !important;\r\n}\r\n#fp-nav {\r\n position: fixed;\r\n z-index: 100;\r\n top: 50%;\r\n opacity: 1;\r\n transform: translateY(-50%);\r\n -ms-transform: translateY(-50%);\r\n -webkit-transform: translate3d(0,-50%,0);\r\n}\r\n#fp-nav.fp-right {\r\n right: 17px;\r\n}\r\n#fp-nav.fp-left {\r\n left: 17px;\r\n}\r\n.fp-slidesNav{\r\n position: absolute;\r\n z-index: 4;\r\n opacity: 1;\r\n -webkit-transform: translate3d(0,0,0);\r\n -ms-transform: translate3d(0,0,0);\r\n transform: translate3d(0,0,0);\r\n left: 0 !important;\r\n right: 0;\r\n margin: 0 auto !important;\r\n}\r\n.fp-slidesNav.fp-bottom {\r\n bottom: 17px;\r\n}\r\n.fp-slidesNav.fp-top {\r\n top: 17px;\r\n}\r\n#fp-nav ul,\r\n.fp-slidesNav ul {\r\n margin: 0;\r\n padding: 0;\r\n}\r\n#fp-nav ul li,\r\n.fp-slidesNav ul li {\r\n display: block;\r\n width: 14px;\r\n height: 13px;\r\n margin: 7px;\r\n position:relative;\r\n}\r\n.fp-slidesNav ul li {\r\n display: inline-block;\r\n}\r\n#fp-nav ul li a,\r\n.fp-slidesNav ul li a {\r\n display: block;\r\n position: relative;\r\n z-index: 1;\r\n width: 100%;\r\n height: 100%;\r\n cursor: pointer;\r\n text-decoration: none;\r\n}\r\n#fp-nav ul li a.active span,\r\n.fp-slidesNav ul li a.active span,\r\n#fp-nav ul li:hover a.active span,\r\n.fp-slidesNav ul li:hover a.active span{\r\n height: 12px;\r\n width: 12px;\r\n margin: -6px 0 0 -6px;\r\n border-radius: 100%;\r\n }\r\n#fp-nav ul li a span,\r\n.fp-slidesNav ul li a span {\r\n border-radius: 50%;\r\n position: absolute;\r\n z-index: 1;\r\n height: 4px;\r\n width: 4px;\r\n border: 0;\r\n background: #333;\r\n left: 50%;\r\n top: 50%;\r\n margin: -2px 0 0 -2px;\r\n -webkit-transition: all 0.1s ease-in-out;\r\n -moz-transition: all 0.1s ease-in-out;\r\n -o-transition: all 0.1s ease-in-out;\r\n transition: all 0.1s ease-in-out;\r\n}\r\n#fp-nav ul li:hover a span,\r\n.fp-slidesNav ul li:hover a span{\r\n width: 10px;\r\n height: 10px;\r\n margin: -5px 0px 0px -5px;\r\n}\r\n#fp-nav ul li .fp-tooltip {\r\n position: absolute;\r\n top: -2px;\r\n color: #fff;\r\n font-size: 14px;\r\n font-family: arial, helvetica, sans-serif;\r\n white-space: nowrap;\r\n max-width: 220px;\r\n overflow: hidden;\r\n display: block;\r\n opacity: 0;\r\n width: 0;\r\n cursor: pointer;\r\n}\r\n#fp-nav ul li:hover .fp-tooltip,\r\n#fp-nav.fp-show-active a.active + .fp-tooltip {\r\n -webkit-transition: opacity 0.2s ease-in;\r\n transition: opacity 0.2s ease-in;\r\n width: auto;\r\n opacity: 1;\r\n}\r\n#fp-nav ul li .fp-tooltip.fp-right {\r\n right: 20px;\r\n}\r\n#fp-nav ul li .fp-tooltip.fp-left {\r\n left: 20px;\r\n}\r\n.fp-auto-height.fp-section,\r\n.fp-auto-height .fp-slide{\r\n height: auto !important;\r\n}\r\n\r\n/* Used with autoScrolling: false */ \r\n.fp-scrollable .fp-section,\r\n.fp-scrollable .fp-slide{\r\n /* Fallback for browsers that do not support Custom Properties */\r\n height: 100vh;\r\n height: calc(var(--vh, 1vh) * 100);\r\n}\r\n\r\n/* Disabling vertical centering on scrollable elements */\r\n.fp-overflow{\r\n justify-content: flex-start;\r\n}\r\n\r\n.fp-overflow{\r\n overflow-y: scroll;\r\n height: 100%;\r\n outline:none;\r\n}\r\n\r\n.fp-overflow.fp-table{\r\n display: block;\r\n}\r\n\r\n.fp-responsive .fp-auto-height-responsive.fp-section,\r\n.fp-responsive .fp-auto-height-responsive .fp-slide{\r\n height: auto !important;\r\n}\r\n\r\n/*Only display content to screen readers*/\r\n.fp-sr-only{\r\n position: absolute;\r\n width: 1px;\r\n height: 1px;\r\n padding: 0;\r\n overflow: hidden;\r\n clip: rect(0, 0, 0, 0);\r\n white-space: nowrap;\r\n border: 0;\r\n}\r\n\r\n.fp-snaps{\r\n overflow-y: auto !important;\r\n height: 100% !important;\r\n}\r\n.fp-snaps body{\r\n height: 100% !important;\r\n -ms-scroll-snap-type: y mandatory;\r\n scroll-snap-type: y mandatory;\r\n overflow-y: scroll !important;\r\n scroll-behavior: smooth;\r\n}\r\n.fp-snaps .fp-section{\r\n scroll-snap-align: start;\r\n}\r\n.fp-snaps .fullpage-wrapper{\r\n height: auto !important;\r\n}\r\n\r\n/* Used for DragAndMove*/\r\n.fp-disable-snap body{\r\n scroll-behavior: unset !important;\r\n scroll-snap-type: none !important;\r\n}\r\n\r\n/* Customize website's scrollbar like Mac OS\r\nNot supports in Firefox and IE */\r\n.fp-scroll-mac .fp-overflow::-webkit-scrollbar {\r\n background-color: transparent;\r\n width: 9px;\r\n}\r\n.fp-scroll-mac .fp-overflow::-webkit-scrollbar-track {\r\n background-color: transparent;\r\n}\r\n.fp-scroll-mac .fp-overflow::-webkit-scrollbar-thumb {\r\n background-color: rgba(0,0,0,.4);\r\n border-radius: 16px;\r\n border: 4px solid transparent;\r\n}\r\n.fp-warning,\r\n.fp-watermark{\r\n z-index: 9999999;\r\n position: absolute;\r\n bottom: 0;\r\n}\r\n.fp-warning,\r\n.fp-watermark a{\r\n text-decoration: none;\r\n color: #000;\r\n background: rgba(255,255,255,0.6);\r\n padding: 5px 8px;\r\n font-size: 14px;\r\n font-family: arial;\r\n color: black;\r\n display: inline-block;\r\n border-radius: 3px;\r\n margin: 12px;\r\n}"]} \ No newline at end of file
dist/fullpage.min.js+1 −1 modifiedlang/chinese/README.md+1 −1 modified@@ -16,7 +16,7 @@ --- - + [](https://www.gnu.org/licenses/gpl-3.0.html) [](https://www.paypal.me/alvarotrigo/9.95) [](https://www.jsdelivr.com/package/npm/fullpage.js)
lang/french/README.md+1 −1 modified@@ -17,7 +17,7 @@ --- - + [](https://www.gnu.org/licenses/gpl-3.0.html) [](https://www.paypal.me/alvarotrigo/9.95) [](https://www.jsdelivr.com/package/npm/fullpage.js)
lang/korean/README.md+1 −1 modified@@ -16,7 +16,7 @@ </p> --- - + [](https://www.gnu.org/licenses/gpl-3.0.html) [](https://www.paypal.me/alvarotrigo/9.95) [](https://www.jsdelivr.com/package/npm/fullpage.js)
lang/russian/README.md+1 −1 modified@@ -17,7 +17,7 @@ --- - + [](https://www.gnu.org/licenses/gpl-3.0.html) [](https://www.paypal.me/alvarotrigo/9.95) [](https://www.jsdelivr.com/package/npm/fullpage.js)
lang/spanish/README.md+1 −1 modified@@ -18,7 +18,7 @@ --- - + [](https://www.gnu.org/licenses/gpl-3.0.html) [](https://www.paypal.me/alvarotrigo/9.95) [](https://www.jsdelivr.com/package/npm/fullpage.js)
package.json+1 −1 modified@@ -1,6 +1,6 @@ { "name": "fullpage.js", - "version": "4.0.1", + "version": "4.0.2", "description": "Create beautiful fullscreen snap scrolling websites", "main": "dist/fullpage.js", "scripts": {
README.md+1 −1 modified@@ -17,7 +17,7 @@ --- - + [](https://www.gnu.org/licenses/gpl-3.0.html) [](https://www.paypal.me/alvarotrigo/9.95) [](https://www.jsdelivr.com/package/npm/fullpage.js)
rollup.config.js+2 −1 modified@@ -25,7 +25,8 @@ const terserOptions = { keep_quoted: true, reserved: [ 'fullpage', - + 'jQuery', + // options 'menu', 'anchors',
src/css/fullpage.css+1 −1 modified@@ -1,5 +1,5 @@ /*! - * fullPage 4.0.1 + * fullPage 4.0.2 * https://github.com/alvarotrigo/fullPage.js * * @license GPLv3 for open source use only
src/js/fullpage.js+1 −1 modified@@ -60,7 +60,7 @@ function setAPI(){ }; //public functions - FP.version = '4.0.1'; + FP.version = '4.0.2'; FP.test = Object.assign(FP.test, { top: '0px',
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- github.com/advisories/GHSA-vpgw-ffh3-648hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-1295ghsaADVISORY
- github.com/alvarotrigo/fullpage.js/commit/bf62492a22e5d296e63c3ed918a42fc5645a0d48ghsax_refsource_MISCWEB
- huntr.dev/bounties/3b9d450c-24ac-4037-b04d-4d4dafbf593aghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.