VYPR

npm package

gmail-js

pkg:npm/gmail-js

Vulnerabilities (1)

  • CVE-2016-1000228higSep 1, 2020
    affected < 0.6.5fixed 0.6.5

    Affected versions of `gmail-js` are vulnerable to cross-site scripting in the `tools.parse_response`, `helper.get.visible_emails_post`, and `helper.get.email_data_post` functions, which pass user input directly into the Function constructor. ## Recommendation Update to versio