sveltejs/svelte

on GitHub

546 releases

new releases every 5 days

last release was yesterday at 12:45 PM

last checked today at 9:09 AM

76581

Cybernetically enhanced web apps

CVE History

CVE	Published	CVSS v2	CVSS v3
CVE-2022-25875	July 12, 2022	6.1 MEDIUM	4.3 MEDIUM
The package svelte before 3.49.0 are vulnerable to Cross-site Scripting (XSS) due to improper input sanitization and to improper escape of attributes when using objects during SSR (Server-Side Rendering). Exploiting this vulnerability is possible via objects with a custom toString() function.