CVE-2021-43862

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in npm/jquery.terminal

Identifiers

CVE-2021-43862, GHSA-x9r5-jxvq-4387

Package Slug

npm/jquery.terminal

Vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

Description

jQuery Terminal Emulator is a plugin for creating command line interpreters in your applications.As a workaround, the user can use formatting that wrap whole user input and its no op. The code for this workaround is available in the GitHub Security Advisory. The fix will only work when user of the library is not using different formatters (e.g. to highlight code in different way).

Affected Versions

All versions before 2.31.1

Solution

Upgrade to version 2.31.1 or above.

Last Modified

2022-01-11

source