Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2021-23353

Disclosure Date: March 09, 2021 (last updated November 28, 2024)
This affects the package jspdf before 2.3.1. ReDoS is possible via the addImage function.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-7691

Disclosure Date: July 06, 2020 (last updated February 21, 2025)
In all versions of the package jspdf, it is possible to use <<script>script> in order to go over the filtering regex.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-7690

Disclosure Date: July 06, 2020 (last updated February 21, 2025)
All affected versions <2.0.0 of package jspdf are vulnerable to Cross-site Scripting (XSS). It is possible to inject JavaScript code via the html method.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0