@contentstack/utils is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
30
Low
@contentstack/utils js
AIKIDO-2024-10194: @contentstack/utils is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in versions 1.0.0 - 1.3.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Vuln in 1.0.0 - 1.3.8
Fixed in 1.3.9
No CVE available
TL;DR
Affected versions of the package are vulnerable to Cross-site Scripting (XSS) when rendering options.
Who does this affect?
You're affected if you are using a version which is within vulnerability ranges.
How can it be fixed?
Upgrade @contentstack/utils library to patch version.