Logo
Submit a FixGo To App

AIKIDO-2024-10350

gridstack is vulnerable to Cross-site Scripting (XSS)

30

Low

gridstack js

AIKIDO-2024-10350: gridstack is vulnerable to Cross-site Scripting (XSS) in versions 0.1.0 - 10.3.1.

Cross-site Scripting (XSS)
Vuln in 0.1.0 - 10.3.1
Fixed in 11.0.0
No CVE available
TL;DR

Affected versions of the package are vulnerable to Cross-site Scripting (XSS) because of the use of innerHTML with user input.

Who does this affect?

You're affected if you are using a version which is within vulnerability ranges.

How can it be fixed?

Upgrade gridstack library to patch version.

Background info

Link to vendor website

Don’t be left in the dark

With in-house intel and access to top vulnerability databases, see it all with Aikido.

cta graphic
Get Secure
Logo
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US