This article is a part of our Vulnerability Database (back to index)

Cross-site Scripting occurrences in Jspdf

All affected versions <2.0.0 of package jspdf are vulnerable to Cross-site Scripting (XSS). It is possible to inject JavaScript code via the html method. (2020-07-06, CVE-2020-7690)

In all versions of the package jspdf, it is possible to use <