Описание
Resources Downloaded over Insecure Protocol in igniteui
Affected versions of igniteui download Javascript and CSS resources over an unencrypted HTTP connection. An attacker with a privileged network position can intercept and view or modify any content sent or recieved over an unencrypted HTTP connection.
Recommendation
The igniteui package has been deprecated by the package author and now exists under ignite-ui, which should be used in place of this package.
Пакеты
Наименование
igniteui
npm
Затронутые версииВерсия исправления
<= 0.0.5
Отсутствует
Связанные уязвимости
CVSS3: 7.4
nvd
больше 7 лет назад
igniteui 0.0.5 and earlier downloads JavaScript and CSS resources over insecure protocol.