ws.js icon indicating copy to clipboard operation
ws.js copied to clipboard
verified publisher icon yaronn

SECURITY: Insecure version of xmldom

Open joebowbeer opened this issue 4 years ago • 1 comments

The xmldom version is locked to 0.1.7 which is vulnerable to XML External Entity Injection:

https://snyk.io/test/npm/xmldom/0.1.7

joebowbeer avatar May 20 '21 20:05 joebowbeer

@yaronn Threat-free versions of xmldom are now available at @xmldom/xmldom

https://github.com/xmldom/xmldom

joebowbeer avatar Aug 30 '21 00:08 joebowbeer