RSS   Vulnerabilities for 'Ansi up'   RSS

2021-03-05
 
CVE-2021-3377

CWE-79
 

 
The npm package ansi_up converts ANSI escape codes into HTML. In ansi_up v4, ANSI escape codes can be used to create HTML hyperlinks. Due to insufficient URL sanitization, this feature is affected by a cross-site scripting (XSS) vulnerability. This issue is fixed in v5.0.0.

 


Copyright 2021, cxsecurity.com

 

Back to Top