npm Updates
1752Warning Date
Severity Level
Warning Number
Target Sector
21 May, 2020
● High
2020-1261
All
Description:
npm has released security updates to address a vulnerability in the following products:
- bootstrap-select
- prior to 1.13.6
- @toast-ui/editor
Threats:
An attacker could exploit these vulnerabilities by doing the following:
- Cross-site scripting (XSS) attack.
Best practice and Recommendations:
The CERT team encourages users to review npm security advisory and apply the necessary updates: