VYPR

npm package

jqtree

pkg:npm/jqtree

Vulnerabilities (1)

  • CVE-2016-1000234higSep 1, 2020
    affected < 1.3.4fixed 1.3.4

    Affected versions of `jqtree` are vulnerable to cross-site scripting in the drag and drop functionality for modifying tree data. When a user attempts to drag a node to a different position in the hierarchy, script content existing within the node will be executed. ## Recommen