npm package
@meshconnect/web-link-sdk
pkg:npm/%40meshconnect/web-link-sdk
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-59430 | Hig | 8.2 | < 3.3.2 | 3.3.2 | Sep 22, 2025 | Mesh Connect JS SDK contains JS libraries for integrating with Mesh Connect. Prior to version 3.3.2, the lack of sanitization of URLs protocols in the createLink.openLink function enables the execution of arbitrary JavaScript code within the context of the parent page. This is te |
- affected < 3.3.2fixed 3.3.2
Mesh Connect JS SDK contains JS libraries for integrating with Mesh Connect. Prior to version 3.3.2, the lack of sanitization of URLs protocols in the createLink.openLink function enables the execution of arbitrary JavaScript code within the context of the parent page. This is te