VYPR

npm package

stimulus_reflex

pkg:npm/stimulus_reflex

Vulnerabilities (1)

  • CVE-2024-28121Mar 12, 2024
    affected >= 3.5.0-pre0, < 3.5.0-rc4fixed 3.5.0-rc4

    stimulus_reflex is a system to extend the capabilities of both Rails and Stimulus by intercepting user interactions and passing them to Rails over real-time websockets. In affected versions more methods than expected can be called on reflex instances. Being able to call some of t