|Package Slug|| |
In TimelineJS, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON configuration file.
|Affected Versions|| |
All versions before 3.7.0
Upgrade to version 3.7.0 or above.
|Last Modified|| |