VYPR

Packagist (Composer) package

athlon1600/youtube-downloader

pkg:composer/athlon1600/youtube-downloader

Vulnerabilities (1)

  • CVE-2020-11022MedApr 29, 2020
    affected <= 4.0.0

    In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.