CVE-2021-23439

Cross-site Scripting in npm/file-upload-with-preview

Identifiers

CVE-2021-23439

Package Slug

npm/file-upload-with-preview

Vulnerability

Cross-site Scripting

Description

This affects the package file-upload-with-preview A file containing malicious JavaScript code in the name can be uploaded (a user needs to be tricked into uploading such a file).

Affected Versions

All versions before 4.2.0

Solution

Upgrade to version 4.2.0 or above.

Last Modified

2021-09-16

source