VYPR

npm package

slim-select

pkg:npm/slim-select

Vulnerabilities (1)

  • CVE-2024-9440MedOct 2, 2024
    affected >= 2.0.0, < 2.9.2fixed 2.9.2

    Slim Select 2.0 versions through 2.9.0 are affected by a potential cross-site scripting vulnerability. In select.ts:createOption(), the text variable from the user-provided Options object is assigned to an innerHTML without sanitation. Software that depends on this library to dyn