This article is a part of our Vulnerability Database (back to index)
Cross-site Scripting occurrences in Jspdf
All affected versions <2.0.0 of package jspdf are vulnerable to Cross-site Scripting (XSS). It is possible to inject JavaScript code via the html method. (2020-07-06, CVE-2020-7690)
In all versions of the package jspdf, it is possible to use <