VYPR

npm package

react-dom

pkg:npm/react-dom

Vulnerabilities (1)

  • CVE-2018-6341Dec 31, 2018
    affected >= 16.0.0, < 16.0.1fixed 16.0.1

    React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. That lack of escaping could lead to a cross-site scripting vulnerability. This issue affected minor releases 16.0.x, 16.1.x, 16.2.x, 16.3.x, and