Описание
XSS
Withdrawn: Duplicate of GHSA-vcjj-xf2r-mwvc.
Knockout, before 3.5.0-beta, has an XSS injection point in attr name binding for browser IE7 and older.
Пакеты
Наименование
knockout
npm
Затронутые версииВерсия исправления
< 3.5.0
3.5.0
XSS
Withdrawn: Duplicate of GHSA-vcjj-xf2r-mwvc.
Knockout, before 3.5.0-beta, has an XSS injection point in attr name binding for browser IE7 and older.
knockout
< 3.5.0
3.5.0