npm Updates
1684Warning Date
Severity Level
Warning Number
Target Sector
19 October, 2021
● Medium
2021-3695
All
Description:
npm has released security alerts to address multiple vulnerabilities in the following product:
- kindeditor <= 4.1.12
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
Best practice and Recommendations:
The CERT team encourages users to review npm security advisory: