npm package
@knight-lab/timelinejs
pkg:npm/%40knight-lab/timelinejs
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-15092 | — | < 3.7.0 | 3.7.0 | Jul 9, 2020 | In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON config |
- CVE-2020-15092Jul 9, 2020affected < 3.7.0fixed 3.7.0
In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON config