Advisories for Npm/Fullpage.js package

2022

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Stored XSS due to unsantized anchor URL in fullpage.js.

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Prototype Pollution in GitHub repository alvarotrigo/fullpage.js prior to 4.0.2.