CVE-2021-23439
npm/file-upload-with-preview
Cross-site Scripting
This affects the package file-upload-with-preview A file containing malicious JavaScript code in the name can be uploaded (a user needs to be tricked into uploading such a file).
All versions before 4.2.0
Upgrade to version 4.2.0 or above.
2021-09-16
source |