npm package
jqtree
pkg:npm/jqtree
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-1000234 | hig | — | < 1.3.4 | 1.3.4 | Sep 1, 2020 | Affected versions of `jqtree` are vulnerable to cross-site scripting in the drag and drop functionality for modifying tree data. When a user attempts to drag a node to a different position in the hierarchy, script content existing within the node will be executed. ## Recommen |
- affected < 1.3.4fixed 1.3.4
Affected versions of `jqtree` are vulnerable to cross-site scripting in the drag and drop functionality for modifying tree data. When a user attempts to drag a node to a different position in the hierarchy, script content existing within the node will be executed. ## Recommen