You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. Does not correctly preserve system identifiers, FPIs or namespaces when repeatedly parsing and serializing maliciously crafted documents.
Describe the bug
Introduced through: vue-html2pdf@1.8.0 › html2pdf.js@0.9.3 › jspdf@1.4.1 › canvg@1.5.3 › xmldom@0.1.31
Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. Does not correctly preserve system identifiers, FPIs or namespaces when repeatedly parsing and serializing maliciously crafted documents.
Package Version
1.8.0
Additional context
Ref: https://security.snyk.io/vuln/SNYK-JS-XMLDOM-1084960
The text was updated successfully, but these errors were encountered: