npm package
video.js
pkg:npm/video.js
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-23414 | — | < 7.14.3 | 7.14.3 | Jul 28, 2021 | This affects the package video.js before 7.14.3. The src attribute of track tag allows to bypass HTML escaping and execute arbitrary code. |
- CVE-2021-23414Jul 28, 2021affected < 7.14.3fixed 7.14.3
This affects the package video.js before 7.14.3. The src attribute of track tag allows to bypass HTML escaping and execute arbitrary code.