VYPR

npm package

emojione

pkg:npm/emojione

Vulnerabilities (1)

  • CVE-2016-1000231higSep 1, 2020
    affected < 1.3.1fixed 1.3.1

    Affected versions of `emojione` are vulnerable to cross-site scripting when user input is passed into the `toShort()`, `shortnameToImage()`, `unicodeToImage()`, and `toImage()` functions. ## Recommendation Update to version 1.3.1 or later.